Back to WordPress theme testing.
According to my tests, the following premium WordPress themes by imediapixel are affected by a reflected Cross-site Scripting (XSS) vulnerability:
Themeforest forum - no responses.
I have also tested some corporate sites using the ECOBIZ theme. They were all affected.
Based on the Themeforest purchase statistics, there could be over 4,000 affected websites.
WordPress Themes: XSS Vulnerabilities and Secure Coding Practices by Tony Perez