16 Mai 2022
Vulnérabilité CVE-2022-1386 CVE Vulnerability
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. (CVSS:0.0) (Last Update:2022-05-16)
Vulnerability Details : The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. Publish Date : 2022-05-16 Last Update Date : 2022-05-16 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2022-1386
- References For CVE-2022-1386 | |||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2022-1386There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |