WordPress · Wpwax Product Carousel Slider & Grid Ultimate · CVE-2025-24681
**Name of the Vulnerable Software and Affected Versions**
wpWax Product Carousel Slider & Grid Ultimate for WooCommerce versions 1.10.0 and earlier
**Description**
The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks.
**Recommendations**
For versions 1.10.0 and earlier, update to a version later than 1.10.0 to resolve the issue.
At the moment, there is no information about other mitigation measures for this specific issue.