For your WP Security, be informed about the latest vulnerabilities in WordPress themes:
- Supreme Directory Theme
- Unauthenticated Cross-Site Scripting (XSS) reported by Franciny Salles and Flavio Landivar. This theme has a parameter's, that allows executing an xss payload: "script>alert(0)". The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.