ThemeFusion 厂商漏洞列表 / CVE 中文分析 44

ThemeFusion 厂商相关 44 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

ThemeFusion 主要开发 WordPress 主题与插件，核心产品包括 Avada 等流行框架。其历史漏洞多涉及未授权访问、跨站脚本及远程代码执行，常因输入验证缺失或权限控制不当引发。截至最新统计已收录 36 条 CVE，反映其代码审计需加强。建议用户及时更新版本以修复已知风险，并启用最小权限原则降低潜在攻击面，确保网站运行安全。

Top products by ThemeFusion: Avada (Fusion) Builder Fusion Builder Avada Avada | Website Builder For WordPress & WooCommerce Avada Core Avada (premium WordPress theme)

CVE ID	标题	CVSS	风险等级	Published
CVE-2026-8713	Avada Builder 3.15.3 未授权任意文件删除漏洞 — Avada (Fusion) BuilderCWE-22	9.1	Critical	2026-06-19
CVE-2026-54193	ThemeFusion Fusion Builder 路径遍历漏洞 — Fusion BuilderCWE-22	7.7	High	2026-06-17
CVE-2026-12256	ThemeFusion Avada 反序列化漏洞 — AvadaCWE-502	8.8	High	2026-06-16
CVE-2026-54194	WordPress Fusion Builder插件 <= 3.15.4 PHP对象注入漏洞 — Fusion BuilderCWE-502	9.8	Critical	2026-06-16
CVE-2026-1543	WordPress plugin Avada (Fusion) Builder 跨站脚本漏洞 — Avada (Fusion) BuilderCWE-79	6.4	Medium	2026-05-21
CVE-2026-6279	WordPress plugin Avada (Fusion) Builder 注入漏洞 — Avada (Fusion) BuilderCWE-74	9.8	Critical	2026-05-21
CVE-2026-4798	WordPress plugin Avada Builder SQL注入漏洞 — Avada (Fusion) BuilderCWE-89	7.5	High	2026-05-13
CVE-2026-4782	WordPress plugin Avada Builder 安全漏洞 — Avada (Fusion) BuilderCWE-36	6.5	Medium	2026-05-13
CVE-2025-58922	WordPress plugin Avada 跨站请求伪造漏洞 — AvadaCWE-352	4.3	Medium	2026-04-22
CVE-2026-1541	WordPress plugin Avada (Fusion) Builder 安全漏洞 — Avada (Fusion) BuilderCWE-639	4.3	Medium	2026-04-15
CVE-2026-1509	WordPress plugin Avada (Fusion) Builder 安全漏洞 — Avada (Fusion) BuilderCWE-94	5.4	Medium	2026-04-15
CVE-2026-32542	WordPress plugin Fusion Builder 安全漏洞 — Fusion BuilderCWE-79	7.1	High	2026-03-25
CVE-2026-32452	WordPress plugin Fusion Builder 安全漏洞 — Fusion BuilderCWE-862	5.3	Medium	2026-03-13
CVE-2026-32454	WordPress plugin Avada Core 跨站脚本漏洞 — Avada CoreCWE-79	6.5	Medium	2026-03-13
CVE-2026-32453	WordPress plugin Avada Core 安全漏洞 — Avada CoreCWE-862	5.3	Medium	2026-03-13
CVE-2026-32451	WordPress plugin Fusion Builder 安全漏洞 — Fusion BuilderCWE-862	6.5	Medium	2026-03-13
CVE-2026-25472	WordPress plugin Fusion Builder 安全漏洞 — Fusion BuilderCWE-79	6.5	Medium	2026-02-19
CVE-2025-64634	WordPress plugin Avada 安全漏洞 — AvadaCWE-862	5.3	Medium	2025-12-16
CVE-2025-49940	WordPress plugin Fusion Builder 跨站脚本漏洞 — Fusion BuilderCWE-79	6.5	Medium	2025-10-22
CVE-2025-6747	WordPress plugin Avada Builder 跨站脚本漏洞 — Avada (Fusion) BuilderCWE-79	6.4	Medium	2025-07-16
CVE-2025-24748	WordPress plugin All In One Slider Responsive SQL注入漏洞 — AvadaCWE-862	5.3	Medium	2025-07-04
CVE-2025-1665	WordPress plugin Avada 跨站脚本漏洞 — Avada (Fusion) BuilderCWE-79	6.4	Medium	2025-04-01
CVE-2024-13345	WordPress plugin Avada Builder 代码注入漏洞 — Avada (Fusion) BuilderCWE-94	7.3	High	2025-02-13
CVE-2024-13346	WordPress plugin Avada \| Website Builder For WordPress & WooCommerce 代码注入漏洞 — Avada \| Website Builder For WordPress & WooCommerceCWE-94	7.3	High	2025-02-13
CVE-2024-12477	WordPress plugin Avada Builder 跨站脚本漏洞 — Avada (Fusion) BuilderCWE-79	6.4	Medium	2025-01-22
CVE-2024-12335	WordPress plugin Avada Builder 安全漏洞 — Avada (Fusion) BuilderCWE-639	4.3	Medium	2024-12-25
CVE-2024-54357	WordPress plugin Avada 跨站请求伪造漏洞 — AvadaCWE-352	4.3	Medium	2024-12-16
CVE-2024-5628	WordPress plugin Avada 跨站脚本漏洞 — Avada (Fusion) BuilderCWE-79	6.4	Medium	2024-09-13
CVE-2023-39312	WordPress plugin Avada 安全漏洞 — AvadaCWE-862	9.1	Critical	2024-06-19
CVE-2023-39310	WordPress plugin Fusion Builder 安全漏洞 — Fusion BuilderCWE-862	5.4	Medium	2024-06-19

本页汇总了 ThemeFusion 厂商截至目前公开的全部 44 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

ThemeFusion 厂商漏洞列表 / CVE 中文分析 44

目标达成感谢每一位支持者 — 我们达成了 100% 目标！