u-desing is a wordpress theme prone to DOM XSS vulnerability.
versions between 2.7.9 ? (Updated: 08.05.2015) and 2.3.0 ? (Updated:
04.02.2014 - there are 40 of them) are vulnerable to DOM XSS which can be
exploited by adding #<svg onload=alert(1)> to the end of the url.
Vendor already patched the vulnerability on higher versions, but there are
still a lot of people/companies are using vulnerable ones.
You can check the version from: /wp-content/themes/u-design/style.css
CVE Reference: CVE-2015-7357