CVE-2022-2090 Information

Description

The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin’s discount rule page leading to Reflected Cross-Site Scripting

Reference

https://wpscan.com/vulnerability/0201f365-7acb-4640-bd3f-7119432f4917