CVE-2021-24999
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcjnotice parameter before outputting it back in the admin dashboard when the Pdf Invoicing module is enabled, leading to a Reflected Cross-Site Scripting...