WordPress Photocrati Theme - Cross Site Scripting

Because of this vulnerability in photocrati-gallery/ecomm-sizes.php, the attackers can inject arbitrary web script or HTML via the “prod_id” parameter.

Solution

           Update the theme.