| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-48107 | WordPress Uncode theme < 2.9.4.4 - Reflected Cross Site Scripting (XSS) vulnerability | undsgn | Uncode | High | 7.1 | 2025-09-26 08:31:14 | Deep Dive |
| CVE-2025-6944 | Uncode Core <= 2.9.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes | undsgn | Uncode Core | Medium | 6.4 | 2025-07-04 05:23:36 | Deep Dive |
| CVE-2024-13689 | Uncode Core <= 2.9.1.6 - Authenticated (Subscriber+) Arbitrary Shortcode Execution in uncode_get_medias | undsgn | Uncode Core | Medium | 6.3 | 2025-02-18 14:22:15 | Deep Dive |
| CVE-2024-13691 | Uncode <= 2.9.1.6 - Authenticated (Subscriber+) Arbitrary File Read in uncode_recordMedia | undsgn | Uncode | Medium | 6.5 | 2025-02-18 11:10:21 | Deep Dive |
| CVE-2024-13667 | Uncode <= 2.9.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via mle-description | undsgn | Uncode | Medium | 5.4 | 2025-02-18 11:10:20 | Deep Dive |
| CVE-2024-13681 | Uncode <= 2.9.1.6 - Unauthenticated Arbitrary File Read in uncode_admin_get_oembed | undsgn | Uncode | High | 7.5 | 2025-02-18 11:10:19 | Deep Dive |
| CVE-2023-51500 | WordPress Uncode Core plugin <= 2.8.8 - Arbitrary File Deletion vulnerability | Undsgn | Uncode Core | High | 7.7 | 2024-04-17 10:47:57 | Deep Dive |
| CVE-2023-51515 | WordPress Uncode Core plugin <= 2.8.8 - Privilege Escalation vulnerability | Undsgn | Uncode Core | High | 8.8 | 2024-04-12 14:43:09 | Deep Dive |
| CVE-2023-51501 | WordPress Uncode Core Plugin <= 2.8.6 is vulnerable to Cross Site Scripting (XSS) | Undsgn | Uncode - Creative & WooCommerce WordPress Theme | High | 7.1 | 2023-12-28 09:56:28 | Deep Dive |