Codoforum software patched against stored XSS vulnerability January 13, 2020 https://portswigger.net/daily-swig/codoforum-software-patched-against-stored-xss-vulnerability
Wilderssecurity.com also has a Content Security Policy (CSP) header not implemented: https://webbkoll.dataskydd.net/en/results?url=https://www.wilderssecurity.com/