CVE Vulnerability
CVE-2022-41996
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada premium theme versions <= 7.8.1 on WordPress leading to arbitrary plugin installation/activation.
References
| Link | Resource |
|---|---|
| https://patchstack.com/database/vulnerability/avada/wordpress-avada-premium-theme-7-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | Third Party Advisory |
| https://theme-fusion.com/documentation-assets/avada/changelog.txt | Release Notes Vendor Advisory |
| https://themeforest.net/item/avada-responsive-multipurpose-theme/2833226 | Product |
Configurations
Configuration 1
|
Information
Published : 2022-10-27 05:15
Updated : 2022-11-01 01:54
NVD link : CVE-2022-41996
Mitre link : CVE-2022-41996
Products Affected
No products.
CWE