Description
WordPress Theme OneTone is prone to an unauthenticated Stored Cross-Site Scripting vulnerability in version 3.0.6 and below.
Remediation
Remove the theme from your WordPress installation.
References
Vulnerability Information at wpvulndb.com
Unauthenticated stored XSS vulnerability in WordPress OneTone theme
Related Vulnerabilities
WordPress Plugin Pagination by BestWebSoft Cross-Site Scripting (1.0.6)
WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Scripting (1.8.1)
WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)
WordPress Plugin XEN Carousel Multiple Cross-Site Scripting Vulnerabilities (0.12.2)