CVE Vulnerability

CVE-2022-1386

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/ Patch Third Party Advisory
https://theme-fusion.com/version-7-6-2-security-update/ Patch Release Notes
https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:*
Information

Published : 2022-05-16 03:15

Updated : 2022-05-24 07:00

NVD link : CVE-2022-1386

Mitre link : CVE-2022-1386

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)