Avada
N/A
Developer
N/A
Latest version
N/A
Downloads
N/A
Last updated
Vulnerability history
1 present
17 fixed
9 Mitigation rules
- Broken Access Control vulnerability<= 7.13.1Oct 3, 2025
- Unauthenticated Arbitrary Shortcode Execution vulnerability<= 7.11.13Feb 12, 2025
- Broken Access Control vulnerability<= 7.11.10Jan 24, 2025
- Cross Site Request Forgery (CSRF) vulnerability<= 7.11.10Dec 11, 2024
- Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing vulnerability<= 7.11.6Mar 21, 2024
- Authenticated (Admin+) SQL Injection via entry vulnerability<= 7.11.6Mar 21, 2024
- Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action vulnerability<= 7.11.6Mar 21, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability<= 7.11.6Mar 21, 2024
- Authenticated(Contributor+) Sensitive Information Exposure via Form Entries vulnerability<= 7.11.5Mar 4, 2024
- Authenticated (Contributor+) Arbitrary File Upload vulnerability<= 7.11.4Feb 28, 2024
- Authenticated Arbitrary File Upload vulnerability<= 7.11.1Aug 10, 2023
- Authenticated Server Side Request Forgery (SSRF) vulnerability<= 7.11.1Aug 10, 2023
- Authenticated (Author+) Unrestricted Zip Extraction vulnerability<= 7.11.1Aug 10, 2023
- Authenticated Broken Access Control vulnerability<= 7.11.1Aug 10, 2023
- Cross-Site Request Forgery (CSRF) vulnerability<= 7.8.1Oct 20, 2022
- Unauthenticated Server-Side Request Forgery (SSRF) vulnerability<= 7.6.1Apr 19, 2022
- Arbitrary Post Creation, Edition and Deletion vulnerability<= 6.2.2May 1, 2020
- Stored Cross-Site Scripting (XSS) vulnerability<= 6.2.2May 1, 2020