Themes Vulnerabilities

Avada < 7.11.2 - Author+ Arbitrary File Upload via Zip Extraction

Description

The theme is vulnerable to arbitrary file uploads due to missing file type validation when extracting zip files in the 'process_upload' and 'regenerate_icon_files' functions. This makes it possible for authenticated attackers with author permissions to upload arbitrary files on the affected site's server which may make remote code execution possible

Affects Themes

Avada
Fixed in 7.11.2
avada
Fixed in 7.11.2

References

CVE
CVE-2023-39312
URL
https://patchstack.com/database/vulnerability/avada/wordpress-avada-theme-7-11-1-authenticated-author-unrestricted-zip-extraction-vulnerability

Classification

Type
INCORRECT AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-863
CVSS
7.2 (high)

Miscellaneous

Original Researcher
Rafie Muhammad
Verified
No
WPVDB ID
d90338e3-90fa-46be-8fa8-182d1249cc7c

Timeline

Publicly Published
2024-01-29 (about 2 years ago)
Added
2024-01-30 (about 2 years ago)
Last Updated
2024-01-30 (about 2 years ago)

Other

Published
Title
Published
2022-02-23
Title
WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
Published
2025-05-16
Title
MultiVendorX – WooCommerce Multivendor Marketplace Solutions < 4.2.23 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Post Deletion
Published
2026-03-20
Title
UiPress lite <= 3.5.09 - Subscriber+ Plugin Settings Update
Published
2024-05-22
Title
EmbedPress < 3.9.13 - Contributor+ PDF Block Embedding
Published
2025-08-27
Title
Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection < 11.59 - Insufficient Authorization to Unauthenticated Blocklist Bypass