There is Cross-SIte Scripting on this theme. When you try to search posts if you enter any HTML or js script code it does not filter it or al it does not HTML encode special characters.
Example payload:
<img src=x onerror=alert(1) />
It would be best if you sanitized input or HTML encoded all special characters
Security Vulnerability
There is Cross-SIte Scripting on this theme. When you try to search posts if you enter any HTML or js script code it does not filter it or al it does not HTML encode special characters.
Example payload:
<img src=x onerror=alert(1) />
It would be best if you sanitized input or HTML encoded all special characters