Security News Avada Builder WordPress plugin flaws allow site credential theft BleepingComputer Daniel Bender 15 May 2026 Share Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database.
