📦 Uncode

The Uncode WordPress theme contains an arbitrary file read vulnerability that allows unauthenticated attackers to read any file on the server. This affects all WordPress sites using Uncode theme versi...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the Uncode WordPress theme. When users visit a specially crafted URL, the script executes in their browser, ...

The Uncode WordPress theme has a stored cross-site scripting vulnerability that allows authenticated attackers with Subscriber-level access or higher to inject malicious scripts into website pages. Th...

The Uncode WordPress theme has a vulnerability that allows authenticated attackers with Subscriber-level access or higher to read arbitrary files on the server. This occurs due to insufficient input v...