CVE-2019-15870

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field.