In WSL2, there is an internal network created between Windows and WSL2, with the range 172.16.0.0/12.

Whilst X-Windows servers such as VcSrv are likely to listen on the generic IP 0.0.0.0, port 6XXX, a security-minded PC setup should block all incoming connections from the externally-facing interfaces (e.g. Ethernet, WiFi) and only allow connections from the internal network.

Therefore, when looking for the Host IP of the X-Server running on Windows, WSL2 should connect to the internal IP.

There are multiple ways that this internal IP can be dynamically determined. One way is:
ip route list default | awk '{print $3}'

Every time that WSL2 is restarted (including when the PC is rebooted), the address assigned to the WSL2 instance and to the Windows host can potentially change, so the determination of the Host IP address should use one of the mechanisms for determining the changing IP.

(Note: This security mechanism of using the firewall to block incoming connections from externally-facing interfaces can be used to enhance the xauth mechanism - providing greater defense-in-depth for the system).