A vulnerability has been recently found for the Fruitful Theme for versions <= 3.8

The Fruitful WordPress theme, version 3.8 and possibly below, was affected by an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability.

The vulnerability was patched in version 3.8.1 of the Theme, although the changelog file only mentions:

“Bug fix: Fixed issues on comment form”

Source: wpvulndb