
WordPress advisory: Akal premium theme XSS vulnerability
This post describes the Akal premium WordPress theme XSS vulnerability that I discovered. The theme suffers from a reflected Cross Site Scripting (XSS) vulnerability that would allow an attacker to steal an admin’s cookie, if WordPress wasn’t secured against that type of attacks.