Cross-Site Scripting Vulnerability in U-Design Theme for WordPress
CVE-2015-7357
6.1MEDIUM
What is CVE-2015-7357?
A Cross-Site Scripting (XSS) vulnerability exists in the U-Design WordPress theme versions prior to 2.7.10, which allows remote attackers to inject arbitrary web scripts or HTML via a fragment identifier. This can potentially lead to malicious actions such as stealing session cookies or redirecting users to harmful sites.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved