Themefusion Fusion Builder
9 CVEs affecting Themefusion Fusion Builder. Latest disclosed: 2026-03-25. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-39309 | High | 8.5 | 2024-03-28 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Buil… |
CVE-2026-32542 | High | 7.1 | 2026-03-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflecte… |
CVE-2023-39311 | High | 7.1 | 2024-03-27 | Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. |
CVE-2023-39306 | High | 7.1 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issu… |
CVE-2026-32451 | Medium | 6.5 | 2026-03-13 | Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This i… |
CVE-2026-25472 | Medium | 6.5 | 2026-02-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Stored X… |
CVE-2025-49940 | Medium | 6.5 | 2025-10-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows DOM-Base… |
CVE-2023-39310 | Medium | 5.4 | 2024-06-19 | Missing Authorization vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. |
CVE-2026-32452 | Medium | 5.3 | 2026-03-13 | Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This i… |