Description
WordPress Theme OneTone is prone to an unauthenticated Stored Cross-Site Scripting vulnerability in version 3.0.6 and below.
Remediation
Remove the theme from your WordPress installation.
References
Vulnerability Information at wpvulndb.com
Unauthenticated stored XSS vulnerability in WordPress OneTone theme
Related Vulnerabilities
WordPress Plugin WP Songbook Cross-Site Scripting (2.0.11)
WordPress Plugin Unlimited Pop-Ups Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
WordPress Plugin Fotobook Cross-Site Scripting (3.2.3)
WordPress Plugin XO Security Cross-Site Scripting (1.5.2)
WordPress Plugin WP-Stats-Dashboard Multiple Cross-Site Scripting Vulnerabilities (2.6.5.1)