CVE-2022-1386 Information

Description

The Fusion Builder WordPress plugin before 3.6.2 used in the Avada theme does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application’s response. This could be used to interact with hosts on the server’s local network bypassing firewalls and access control measures.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/ https://theme-fusion.com/version-7-6-2-security-update/ https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8