CVE-2026-2838 | idealwebdesignlk Whole Enquiry Cart for WooCommerce Plugin up to 1.2.1 on WordPress woowhole_success_msg cross site scripting

A vulnerability categorized as problematic has been discovered in idealwebdesignlk Whole Enquiry Cart for WooCommerce Plugin up to 1.2.1 on WordPress. This affects the function woowhole_success_msg. The manipulation results in cross site scripting.

This vulnerability was named CVE-2026-2838. The attack may be performed from remote. There is no available exploit.