It’s important to note, that it is the responsibility of every company or website owner to get their sites GDPR-compliant. So it is not the duty of any framework used to create a website to produce compliant websites. In almost all cases a lot of manual fine tuning will be needed. Generally speaking, that means there is no use in asking “Is WordPress GDPR-compliant?” or “Is Avada GDPR-compliant?”. For example, Avada itself will never be violating the GDPR as it does not collect any data. It is a powerful tool to create websites, and those websites are the ones that will collect data and the data collected will be different for every usecase.
Does that mean that WordPress and Avada users are left alone in their fight for compliancy? No, not at all!