Fusion Builder
fusion-builderVulnerabilities:
24
Last Updated:
n/a
Active Installs:
n/a
Published
Title
Fixed in
CVSS
Published
2026-07-13
Title
Avada Builder < 3.15.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Module Title
Fixed in
CVSS
5.5 (medium)
Published
2026-06-18
Title
Avada (Fusion) Builder < 3.15.4 - Unauthenticated Arbitrary File Deletion via Form Entry Value
Fixed in
CVSS
9.1 (critical)
Published
2026-06-18
Fixed in
CVSS
7.2 (high)
Published
2026-06-16
Fixed in
CVSS
6.5 (medium)
Published
2026-06-15
Fixed in
CVSS
6.6 (medium)
Published
2026-05-20
Fixed in
CVSS
6.4 (medium)
Published
2026-05-20
Title
Avada (Fusion) Builder < 3.15.3 - Unauthenticated Remote Code Execution via PHP Function Injection
Fixed in
CVSS
9.8 (critical)
Published
2026-05-12
Fixed in
CVSS
7.5 (high)
Published
2026-05-12
Fixed in
CVSS
6.5 (medium)
Published
2026-04-14
Fixed in
CVSS
5.4 (medium)
Published
2026-04-14
Fixed in
CVSS
4.3 (medium)
Published
2026-03-20
Fixed in
CVSS
6.1 (medium)
Published
2026-03-10
Fixed in
CVSS
4.3 (medium)
Published
2026-03-10
Fixed in
CVSS
5.3 (medium)
Published
2026-01-15
Fixed in
CVSS
5.5 (medium)
Published
2025-10-03
Fixed in
CVSS
6.4 (medium)
Published
2025-07-15
Fixed in
CVSS
6.4 (medium)
Published
2025-03-31
Fixed in
CVSS
6.4 (medium)
Published
2025-02-12
Fixed in
CVSS
7.3 (high)
Published
2025-01-22
Fixed in
CVSS
6.4 (medium)
Published
2024-12-24
Fixed in
CVSS
4.3 (medium)
Published
2024-09-12
Fixed in
CVSS
6.4 (medium)
Published
2023-08-10
Title
Fusion Builder < 3.11.2 - Cross Site Scripting (XSS) vulnerability in the User Register element
Fixed in
CVSS
7.5 (high)
Published
2022-04-19
Fixed in
CVSS
8.6 (high)