CVE-2016-10953
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
5.4CVSS
5.3AI Score
0.001EPSS