Skip to content
The Nexus
SECURITYMay 15 · 15:56 UTCBLEEPING COMPUTERBill Toulas

Avada Builder WordPress plugin flaws allow site credential theft

The Avada Builder plugin for WordPress has two vulnerabilities that allow hackers to read arbitrary files and extract sensitive information from the database, affecting an estimated one million active installations. This poses a significant risk to site credential theft. The vulnerabilities enable unauthorized access to sensitive data.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this