CVE-2016-10993
The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter.
5.4CVSS
5.3AI Score
0.002EPSS