Every WordPress Plugin or theme that used the genericons package is potentially vulnerable to a DOM-based XSS vulnerability.