VYPR
Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025

Welcart e-Commerce < 2.8.4 - Multiple Subscriber+ Stored Cross-Site Scripting

CVE-2022-3935

Description

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.