CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Udesign Project: Security Vulnerabilities

CVE-2015-7357

Cross-site scripting (XSS) vulnerability in the uDesign (aka U-Design) theme 2.3.0 before 2.7.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via a fragment identifier, as demonstrated by #<svg onload=alert(1)>.

CVSS Score

6.1

EPSS Score

0.003

Published

2017-10-03

Page 1

Vulnerabilities

Vulnerable Software

Udesign Project: Security Vulnerabilities

Products

Pricing

Contact Us