The Welcart e-Commerce WordPress plugin prior to 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
collne welcart e-commerce |