CVE-2015-2973
CVE-2015-2973 describes multiple XSS vulnerabilities in the WordPress Welcart plugin prior to 1.4.18. The issue arises from insufficient filtering of the usces_referer parameter in admin-related scripts, allowing remote attackers to inject arbitrary JavaScript/HTML via endpoints including classes...