Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

CVE-2026-4782

Avada Builder WordPress flaws could expose site credentials, database data

News, Risk, Vendors, Vulnerabilities

May 16, 2026

Two flaws in the Avada Builder WordPress plugin could let attackers read server files or pull data from the database. The issues affect versions through 3.15.2 and 3.15.1, and site owners were urged to upgrade to 3.15.3.

About
Editorial Policy
Privacy
Contact