Arbitrary File Read
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. One of the flaws is tracked as CVE-2026-4782 and can be exploited in all versions of the plugin through 3.15.2 by an authenticated users with at […]
2 mins read