CVE-2026-1509 | themefusion Avada Builder Plugin up to 3.15.1 on WordPress Dynamic Data Feature output_action_hook code injection

A vulnerability identified as critical has been detected in themefusion Avada Builder Plugin up to 3.15.1 on WordPress. This issue affects the function output_action_hook of the component Dynamic Data Feature. This manipulation causes code injection.

This vulnerability is registered as CVE-2026-1509. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More