EPSS
Percentile
75.2%
Because of this vulnerability, the authenticated administrators can inject arbitrary web script or HTML.
Update the theme.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3238