4 matches found
CVE-2015-7357
Cross-site scripting XSS vulnerability in the uDesign aka U-Design theme 2.3.0 before 2.7.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via a fragment identifier, as demonstrated by...
CVE-2015-7357
CVE-2015-7357 is a DOM-based XSS in the WordPress uDesign (U-Design) theme. Affected versions are 2.3.0 prior to 2.7.10 (commonly noted as 2.3.0–2.7.9); a remote attacker could inject arbitrary script/HTML by supplying a fragment identifier (e.g., #). The vulnerability arises in how fragment iden...
CVE-2015-7357
Cross-site scripting XSS vulnerability in the uDesign aka U-Design theme 2.3.0 before 2.7.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via a fragment identifier, as demonstrated by...
WordPress U-Design Theme 2.7.9 Cross Site Scripting Vulnerability
WordPress U-Design theme versions 2.3.0 through 2.7.9 suffer from a cross site scripting vulnerability. u-desing is a wordpress theme prone to DOM XSS vulnerability. Vendor url: http://themeforest.net/item/udesign-responsive-wordpress-theme/253220 versions between 2.7.9 – Updated: 08.05.2015 and...