WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Booster for WooCommerce plugin prior to 5.4.9. create_products_xml_result parameter is escaped and filtered, an attacker can use this vulnerability to execute JavaScript code on the client side.