CVE-2026-1541 | themefusion Avada Builder Plugin up to 3.15.1 on WordPress Dynamic Data Feature fusion_get_post_custom_field authorization

A vulnerability labeled as problematic has been found in themefusion Avada Builder Plugin up to 3.15.1 on WordPress. Impacted is the function fusion_get_post_custom_field of the component Dynamic Data Feature. Such manipulation of the argument post_custom_field leads to authorization bypass.

This vulnerability is documented as CVE-2026-1541. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More