A vulnerability categorized as problematic has been discovered in idealwebdesignlk Whole Enquiry Cart for WooCommerce Plugin up to 1.2.1 on WordPress. This affects the function
woowhole_success_msg. The manipulation results in cross site scripting.
This vulnerability was named CVE-2026-2838. The attack may be performed from remote. There is no available exploit.
