Themes Vulnerabilities
Avada Theme <= 5.1.4 - Stored Cross-Site Scripting (XSS) & CSRF
Description
The Avada WordPress theme was affected by a Stored Cross-Site Scripting (XSS) & CSRF security vulnerability.
Proof of Concept
http://cdn.wphutte.com/Avada/5.1.4/xss.html http://cdn.wphutte.com/Avada/5.1.4/csrf.html
Affects Themes
Fixed in 5.1.5
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Submitter
WpHutte
Submitter website
Submitter twitter
Verified
No
WPVDB ID
Timeline
Publicly Published
2017-04-26 (about 7 years ago)
Added
2017-05-02 (about 7 years ago)
Last Updated
2020-09-22 (about 3 years ago)