Hi – are you guys working to patch this? Are you aware of it? Wordfence, Patchstack, and other security plugins have flagged OnePress as a security risk. Here are the details:
“The OnePress theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.8 due to insufficient input sanitization and output escaping. “
“Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8.”
Wordfence currently recommends uninstalling and finding a replacement. I don’t intend on doing that, but are you able to provide an eta on this?
