3 matches found
CVE-2022-3935
The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks...
CVE-2022-3935
The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks...
CVE-2022-3935
The vulnerability CVE-2022-3935 affects the Welcart e-Commerce WordPress plugin before version 2.8.4. The root cause is inadequate sanitization/escaping of certain parameters, enabling Stored Cross-Site Scripting (XSS) when exploited by authenticated users (e.g., subscribers). Some connected sour...