1. Avada Builder Flaws Expose One Million WordPress Sites to File Read and SQL Injection Attacks
Wordfence threat intelligence researchers have disclosed critical security vulnerabilities in the Avada Builder WordPress plugin, a widely deployed page builder tool, potentially exposing approximately one million WordPress installations to remote attacks. The flaws combine an arbitrary file read vulnerability and a SQ...