Uncode Security Vulnerabilities and Issues — Uncode CVE List

UndsgnUncode

4 matches found

CVE•added 2023/12/28 9:56 a.m.•74 views

CVE-2023-51501

CVE-2023-51501 affects Undsgn Uncode (WordPress theme) — Uncode Core

7.1CVSS7.1AI score0.00351EPSS

CVE•added 2025/02/18 11:10 a.m.•54 views

CVE-2024-13691

CVE-2024-13691 affects Uncode (WordPress)

6.5CVSS6.7AI score0.00356EPSS

CVE•added 2025/02/18 11:10 a.m.•53 views

CVE-2024-13681

CVE-2024-13681 affects the WordPress theme Uncode. The vulnerability is an unauthenticated arbitrary file read due to insufficient input validation in the uncode_admin_get_oembed function, affecting all versions up to 2.9.1.6. Patch/mitigation: upgrade to Uncode 2.9.1.6 or apply the vendor fix th...

7.5CVSS7AI score0.0058EPSS

CVE•added 2025/02/18 11:10 a.m.•52 views

CVE-2024-13667

CVE-2024-13667 (Uncode Theme, WordPress) : Wordfence and NVD describe a stored XSS in the Uncode theme via the mle-description parameter, affecting Uncode versions up to 2.9.1.6. An authenticated user with Subscriber-level access or higher can inject scripts into pages, which execute when other u...

5.4CVSS5.9AI score0.00222EPSS