Fusion Builder

CVEs (16)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2026-6279	Avada Fusion Builder	Cri	0.64	9.8	0.00	May 21, 2026	The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function Injection in versions up to and including 3.15.2. This is due to the `wp_conditional_tags` case in `Fusion_Builder_Conditional_Render_Helper::get_value(…
CVE-2026-32542	WordPress Fusion Builder	Hig	0.46	7.1	0.00	Mar 25, 2026	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2023-39311	Avada Fusion Builder	Hig	0.46	7.1	0.00	Mar 27, 2024	Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39306	WordPress Fusion Builder	Hig	0.46	7.1	0.00	Mar 27, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2026-1543	WordPress Fusion Builder	Med	0.42	6.4	0.00	May 21, 2026	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 3.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…
CVE-2026-32451	WordPress Fusion Builder	Med	0.42	6.5	0.00	Mar 13, 2026	Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-25472	WordPress Fusion Builder	Med	0.42	6.5	0.00	Feb 19, 2026	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Stored XSS.This issue affects Fusion Builder: from n/a through <= 3.14.1.
CVE-2025-49940	WordPress Fusion Builder	Med	0.42	6.5	0.00	Oct 22, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows DOM-Based XSS.This issue affects Fusion Builder: from n/a through <= 3.13.2.
CVE-2025-6747	Avada Avada Builder	Med	0.42	6.4	0.00	Jul 16, 2025	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusion_map' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2026-1509	Avada Fusion Builder	Med	0.35	5.4	0.00	Apr 15, 2026	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up to, and including, 3.15.1. This is due to the plugin's `output_action_hook()` function accepting user-controlled input to trigger any registered WordPress…
CVE-2023-39310	WordPress Fusion Builder	Med	0.35	5.4	0.00	Jun 19, 2024	Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2026-32452	WordPress Fusion Builder	Med	0.34	5.3	0.00	Mar 13, 2026	Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-1541	Avada Fusion Builder	Med	0.28	4.3	0.00	Apr 15, 2026	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.15.1. This is due to the plugin's `fusion_get_post_custom_field()` function failing to validate whether metadata keys are protected…
CVE-2022-1386	WordPress Fusion Builder		0.07	—	0.94	May 16, 2022	The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact…
CVE-2025-1665	Theme Fusion Avada (Fusion) Builder		0.00	—	0.00	Apr 1, 2025	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2024-12335	Theme Fusion Avada (Fusion) Builder		0.00	—	0.00	Dec 25, 2024	The Avada (Fusion) Builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.11.12 via the handle_clone_post() function and the 'fusion_blog' shortcode and due to insufficient restrictions on which posts can be included. This…

CVE-2026-6279CriMay 21, 2026
Avada
Fusion Builder
risk 0.64cvss 9.8epss 0.00
The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function Injection in versions up to and including 3.15.2. This is due to the `wp_conditional_tags` case in `Fusion_Builder_Conditional_Render_Helper::get_value(…
CVE-2026-32542HigMar 25, 2026
WordPress
Fusion Builder
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2023-39311HigMar 27, 2024
Avada
Fusion Builder
risk 0.46cvss 7.1epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39306HigMar 27, 2024
WordPress
Fusion Builder
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2026-1543MedMay 21, 2026
WordPress
Fusion Builder
risk 0.42cvss 6.4epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 3.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…
CVE-2026-32451MedMar 13, 2026
WordPress
Fusion Builder
risk 0.42cvss 6.5epss 0.00
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-25472MedFeb 19, 2026
WordPress
Fusion Builder
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Stored XSS.This issue affects Fusion Builder: from n/a through <= 3.14.1.
CVE-2025-49940MedOct 22, 2025
WordPress
Fusion Builder
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows DOM-Based XSS.This issue affects Fusion Builder: from n/a through <= 3.13.2.
CVE-2025-6747MedJul 16, 2025
Avada
Avada Builder
risk 0.42cvss 6.4epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusion_map' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2026-1509MedApr 15, 2026
Avada
Fusion Builder
risk 0.35cvss 5.4epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up to, and including, 3.15.1. This is due to the plugin's `output_action_hook()` function accepting user-controlled input to trigger any registered WordPress…
CVE-2023-39310MedJun 19, 2024
WordPress
Fusion Builder
risk 0.35cvss 5.4epss 0.00
Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2026-32452MedMar 13, 2026
WordPress
Fusion Builder
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-1541MedApr 15, 2026
Avada
Fusion Builder
risk 0.28cvss 4.3epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.15.1. This is due to the plugin's `fusion_get_post_custom_field()` function failing to validate whether metadata keys are protected…
CVE-2022-1386May 16, 2022
WordPress
Fusion Builder
risk 0.07cvss —epss 0.94
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact…
CVE-2025-1665Apr 1, 2025
Theme Fusion
Avada (Fusion) Builder
risk 0.00cvss —epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…
CVE-2024-12335Dec 25, 2024
Theme Fusion
Avada (Fusion) Builder
risk 0.00cvss —epss 0.00
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.11.12 via the handle_clone_post() function and the 'fusion_blog' shortcode and due to insufficient restrictions on which posts can be included. This…