For more info please read the 4.0 release notes.
XSS vulnerability resolved
A cross-site scripting (XSS) vulnerability in the activity stream is identified and resolved. Affected versions are RefinedWiki Original Theme 3.x - 4.0.x. We recommend you to upgrade to this version: 4.0.12. Fixes are also included in version 3.5.13 and version 4.1.
Our thanks to Manuel Hofer (SEC Consult Vulnerability Lab) who reported the XSS vulnerability.