CSRF leading to XSS Sanitisation against XSS added in 1.70, however no CSRF checks are performed.
plugins.trac.wordpress.org/changeset?reponame=&new=2079301%40advanced-woo-search&old=2077958%40advanced-woo-search