Themes Vulnerabilities

uDesign Theme 1.8.0-2.7.9 - DOM Cross-Site Scripting (XSS)

Description

The u-design WordPress theme was affected by a DOM Cross-Site Scripting (XSS) security vulnerability.

Affects Themes

u-design
Fixed in 2.7.10

References

CVE
CVE-2015-7357
URL
https://themeforest.net/item/udesign-responsive-wordpress-theme/253220

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
9e55c71d-2927-417a-a531-98584e9ffc7b

Timeline

Publicly Published
2015-05-20 (about 10 years ago)
Added
2015-09-08 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2022-05-31
Title
Spectra < 1.25.6 - Reflected Cross-Site Scripting
Published
2024-12-12
Title
Beaver Builder – WordPress Page Builder < 2.8.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2023-10-25
Title
WP Simple HTML Sitemap < 2.3 - Reflected XSS
Published
2014-08-01
Title
WooCommerce 2.0.12 - index.php calc_shipping_state Parameter XSS
Published
2025-11-06
Title
JetElements For Elementor < 2.7.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting