Themes Vulnerabilities

Avada | Website Builder For WordPress & WooCommerce < 7.11.5 - Authenticated (Contributor+) Arbitrary File Upload

Description

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Affects Themes

Avada
Fixed in 7.11.5
avada
Fixed in 7.11.5

References

CVE
CVE-2024-1468
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/cde6e758-9723-43f2-9972-32be8aeb2b91

Miscellaneous

Original Researcher
Muhammad Zeeshan (Xib3rR4dAr)
Verified
No
WPVDB ID
df0d86aa-ddba-4d5f-8d8e-a0460c0cd079

Timeline

Publicly Published
2024-02-28 (about 2 years ago)
Added
2024-02-28 (about 2 years ago)
Last Updated
2024-02-28 (about 2 years ago)

Other

Published
Title
Published
2019-05-07
Title
WP Live Chat Support Pro - File Upload Bypass
Published
2026-02-13
Title
midi-Synth < 2.0.0 - Unauthenticated Arbitrary File Upload via 'export' AJAX Action
Published
2025-04-14
Title
JS Job Manager <= 2.0.2 - Unauthenticated Arbitrary File Upload
Published
2024-11-27
Title
Tumult Hype Animations < 1.9.16 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function
Published
2025-03-20
Title
Instant Appointment <= 1.2 - Unauthenticated Arbitrary File Upload