Do you use the ‘Product Vendors’ Plugin for WooCommerce on your website?
Important information of an XSS Vulnerability found today
A reflected cross site scripting vulnerability has been reported in a premium WordPress plugin for WooCommerce called the ‘Product Vendors‘ plugin, which is used by nearly 30% of all online WooCommerce onl;ine shopping sites.
This affects Product Vendors version 2.0.35.
If you are using this plugin, you need to upgrade immediately to at least version 2.0.36, which includes the fix. The current version of Product Vendors is 2.0.40.
For more information and to keep informed of current web security issues, we highly recommend following the Wordfence website and blog