Approved changes feed: RSS · Atom

cpe:2.3:a:andondesign:udesign:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAndondesign (340aba72-cc36-503f-a92c-61eb8ef6159e)
ProductUdesign (6a6c6039-2497-5481-b72f-f65c59b7f914)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-28130 vulnerable 2026-06-08 07:55:14.968078 WordPress UDesign theme <= 4.14.0 - Reflected Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign u-design allows Reflected XSS.This issue affects UDesign: from n/a through <= 4.14.0.
Published: 2026-03-05T05:54:31.074Z
Updated: 2026-04-28T16:15:08.927Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-24757 vulnerable 2026-06-08 07:12:49.855679 WordPress uDesign theme <= 4.11.2 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in AndonDesign uDesign udesign.This issue affects uDesign: from n/a through <= 4.11.2.
Published: 2025-07-04T08:42:06.451Z
Updated: 2026-04-28T16:11:33.915Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-4077 vulnerable 2026-06-08 06:50:16.979449 WordPress UDesign theme <= 4.7.3 - Reflected Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign allows Reflected XSS.This issue affects UDesign: from n/a through 4.7.3.
Published: 2024-04-25T09:15:22.154Z
Updated: 2026-04-28T16:10:08.420Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.