Wix websites are vulnerable to reflective DOM cross-site scripting attack that could give attackers control of user’s websites.
Source: Threadpost