CVE-2022-3935 Information

Description

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters which could allow any authenticated users such as subscriber to perform Stored Cross-Site Scripting attacks

Reference

https://wpscan.com/vulnerability/906c5122-dd6d-494b-b66c-4162e234ea05