WordPress WooCommerce myghpay Payment Gateway plugin cross-site scripting vulnerability

The WooCommerce myghpay Payment Gateway plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in the WordPress WooCommerce myghpay Payment Gateway plugin, which stems from ~/processresponse. php’s clientref parameter lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.