Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. [...]
Avada Builder WordPress plugin flaws allow site credential theft
Résumé + lien vers la source. Sans paywall, sans tracking.