CVE-2022-4655
Description
The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate and escapes one of its shortcode attributes, which could allow users with a role as low as a contributor to perform a Stored Cross-Site Scripting attack.
References
ExploitThird Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics