CVE-2026-54193 PUBLISHED

Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions.

Update the WordPress Fusion Builder Plugin to the latest available version (at least 3.15.5).

• daroo | Patchstack Bug Bounty Program finder

• https://patchstack.com/database/wordpress/plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-4-arbitrary-file-deletion-vulnerability?_s_id=cve

• CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE

• CAPEC-126 Path Traversal