Security for everyone

CVE-2022-1386 Scanner

Detects 'Server-Side Request Forgery (SSRF)' vulnerability in Fusion Builder plugin for Wordpress affects v. before 3.6.2.

SCAN NOW

Short Info


Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2022-1386 Scanner Detail

The Fusion Builder plugin for WordPress is one of the most popular page builders, used by website owners to design and create beautiful pages without dealing with complex coding. It is a product of Avada Themes, a company that offers a range of premium themes and plugins for WordPress users. This plugin is easy to use, intuitive, and comes with many customization options, making it a preferred choice for designers and developers.

However, in recent times, a severe vulnerability was discovered in the Fusion Builder plugin. Identified as CVE-2022-1386, this vulnerability is caused by a lack of validation of a parameter in its forms, which could enable attackers to initiate arbitrary HTTP requests, obtaining and controlling the data returned in the application's response. Hackers can use this vulnerability to gain access to servers on the local network, bypassing firewalls and other access control measures.

The potential consequences of exploiting this vulnerability are significant and could lead to data loss, server hijacking, and network infiltration. Attackers can use the compromised server to launch further cyber-attacks, such as malware distribution or phishing campaigns. The Fusion Builder plugin vulnerability is a severe threat to the security of WordPress websites and their users.

Securityforeveryone.com is a comprehensive security platform that provides information about vulnerabilities in digital assets. With its Pro features, users can quickly and easily learn about vulnerabilities, receive alerts when new vulnerabilities are detected, and carry out in-depth analysis of their sites to identify potential risks. By signing up for Securityforeveryone.com, website owners can protect their digital assets from cyber-attacks, data loss, and network infiltration. Don't wait until it's too late to protect your website and its users; sign up today.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture