Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (3 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-39309 2 Avada, Wordpress 2 Fusion Builder, Wordpress 2026-01-21 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2023-39311 1 Avada 1 Fusion Builder 2025-05-13 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1.
CVE-2024-1468 2 Avada, Theme-fusion 2 Website Builder, Avada 2025-02-05 8.8 High
The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.