2 matches found
CVE-2023-5951
The Welcart e-Commerce WordPress plugin before 2.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-5951
CVE-2023-5951 concerns the Welcart e-Commerce WordPress plugin pre-2.9.5, where a parameter is not sanitized/escaped before being echoed back in the page, causing a Reflected XSS . The root cause is improper output handling of a parameter, enabling an attacker to trigger script execution in conte...