EPSS
Percentile
40.5%
The theme does not properly escape the profile display name, leading to a stored Cross-Site Scripting vulnerability.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/weaver-xtreme/weaver-xtreme-theme-507-authenticatedcontributor-stored-cross-site-scripting-via-display-name