Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| ThemeFusion | Fusion Builder | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Wordpress | Wordpress | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
Vendor Solution
Update to 3.11.2 or a higher version.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-43038 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. |
Tue, 28 Apr 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1. |
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-04-28T16:08:34.676Z
Reserved: 2023-07-27T14:35:24.630Z
Link: CVE-2023-39306
Vulnrichment
Updated: 2024-08-02T18:02:06.819Z
NVD
Status : Deferred
Published: 2024-03-27T06:15:09.263
Modified: 2026-04-28T19:21:04.577
Link: CVE-2023-39306
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-12T22:16:20Z