VYPR
High severity7.1NVD Advisory· Published Dec 28, 2023· Updated Jun 17, 2026

CVE-2023-51501

CVE-2023-51501

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Uncode - Creative & WooCommerce WordPress Theme: from n/a through 2.8.6.

Affected products

3
  • Undsgn/Uncode2 versions
    cpe:2.3:a:undsgn:uncode:*:*:*:*:*:woocommerce:*:*+ 1 more
    • cpe:2.3:a:undsgn:uncode:*:*:*:*:*:woocommerce:*:*range: <=2.8.6
    • cpe:2.3:a:undsgn:uncode:*:*:*:*:*:wordpress:*:*range: <=2.8.6
  • WordPress/Uncodellm-fuzzy
    Range: <=2.8.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.