Vulnerabilities in Undsgn
9 resultsCVE-2024-13681HIGHUncode <= 2.9.1.6 - Unauthenticated Arbitrary File Read in uncode_admin_get_oembedEPSS 0.6%CVE-2023-51515HIGHWordPress Uncode Core plugin <= 2.8.8 - Privilege Escalation vulnerabilityEPSS 0.6%CVE-2023-51500HIGHWordPress Uncode Core plugin <= 2.8.8 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2024-13689MEDIUMUncode Core <= 2.9.1.6 - Authenticated (Subscriber+) Arbitrary Shortcode Execution in uncode_get_mediasEPSS 0.4%CVE-2024-13691MEDIUMUncode <= 2.9.1.6 - Authenticated (Subscriber+) Arbitrary File Read in uncode_recordMediaEPSS 0.4%CVE-2023-51501HIGHWordPress Uncode Core Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-48107HIGHWordPress Uncode theme < 2.9.4.4 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-13667MEDIUMUncode <= 2.9.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via mle-descriptionEPSS 0.2%CVE-2025-6944MEDIUMUncode Core <= 2.9.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodesEPSS 0.2%