Avada Core

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-32454	Theme Fusion Avada Core	Med	0.42	6.5	0.00		Mar 13, 2026	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0.
CVE-2026-32453	Theme Fusion Avada Core	Med	0.34	5.3	0.00		Mar 13, 2026	Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through < 5.15.0.

CVE-2026-32454MedMar 13, 2026
Theme Fusion
Avada Core
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0.
CVE-2026-32453MedMar 13, 2026
Theme Fusion
Avada Core
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through < 5.15.0.