The plugin called “Product Carousel For WooCommerce – WoorouSell” for WordPress has a security issue in versions 1.1.0 and below. This is because it does not properly clean up user input and output, allowing attackers with contributor-level access or higher to add harmful scripts to web pages. This can cause these scripts to run whenever a user goes to the affected page.