5 matches found
CVE-2025-63062
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-62051 WordPress UDesign Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign Core u-design-core.This issue affects UDesign Core: from n/a through = 4.14.1...
CVE-2025-62051
CVE-2025-62051 is a Cross-Site Scripting (XSS) vulnerability in AndonDesign UDesign Core (u-design-core) . The issue arises from improper neutralization of input during web page generation, affecting UDesign Core versions up to 4.14.1 . Public references in the provided documents consistently des...
CVE-2025-53234 WordPress UDesign Core plugin <= 4.14.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-53234
CVE-2025-53234 is a reflected CrossβSite Scripting (XSS) vulnerability in AndonDesign UDesign Core for WordPress, affecting Core/UDesign Core versions up to and including 4.14.0. The root cause is improper neutralization of user input during web page generation, allowing injected scripts via vuln...