CVE-2025-10651 | Welcart e-Commerce Plugin up to 2.11.22 on WordPress General Setting Page order_mail cross site scripting

October 22, 2025 Yanac

A vulnerability has been found in Welcart e-Commerce Plugin up to 2.11.22 on WordPress and classified as problematic. This vulnerability affects unknown code of the component General Setting Page. The manipulation of the argument order_mail leads to cross site scripting.

This vulnerability is referenced as CVE-2025-10651. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More