CVE-2023-5951

Name of the Vulnerable Software and Affected Versions Welcart e-Commerce WordPress plugin versions prior to 2.9.5

Description The issue is related to a Reflected Cross-Site Scripting that could be used against high privilege users such as admin. This occurs because the plugin does not sanitise and escape a parameter before outputting it back in the page.

Recommendations For versions prior to 2.9.5, update to version 2.9.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.