CVE-2016-10999

CVE-2016-10999

The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter.

Source: CVE-2016-10999