Lucene search
K

4 matches found

NVD
NVD
added 2017/10/03 1:29 a.m.21 views

CVE-2015-7357

Cross-site scripting XSS vulnerability in the uDesign aka U-Design theme 2.3.0 before 2.7.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via a fragment identifier, as demonstrated by...

6.1CVSS6.1AI score0.01905EPSS
Exploits1References4
CVE
CVE
added 2017/10/02 7:0 p.m.48 views

CVE-2015-7357

CVE-2015-7357 is a DOM-based XSS in the WordPress uDesign (U-Design) theme. Affected versions are 2.3.0 prior to 2.7.10 (commonly noted as 2.3.0–2.7.9); a remote attacker could inject arbitrary script/HTML by supplying a fragment identifier (e.g., #). The vulnerability arises in how fragment iden...

6.1CVSS6.1AI score0.01905EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2017/10/02 7:0 p.m.21 views

CVE-2015-7357

Cross-site scripting XSS vulnerability in the uDesign aka U-Design theme 2.3.0 before 2.7.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via a fragment identifier, as demonstrated by...

6.1AI score0.01905EPSS
Exploits1References4
0day.today
0day.today
added 2015/10/06 12:0 a.m.48 views

WordPress U-Design Theme 2.7.9 Cross Site Scripting Vulnerability

WordPress U-Design theme versions 2.3.0 through 2.7.9 suffer from a cross site scripting vulnerability. u-desing is a wordpress theme prone to DOM XSS vulnerability. Vendor url: http://themeforest.net/item/udesign-responsive-wordpress-theme/253220 versions between 2.7.9 – Updated: 08.05.2015 and...

4.3CVSS6.3AI score0.01905EPSS
Exploits1
Rows per page
Query Builder