[MEDIUM] WooCommerce WordPress plugin before 6.6.0 vulnerable to stored HTML injection

PKSA-sgm3-pd55-zhds CVE-2022-2099 GHSA-jwvf-28fg-g4xg

Affected version: <6.6.0

Reported by:
GitHub

[MEDIUM] Woocommerce Cross-site Scripting via Additional tax classes field when taxes are enabled

PKSA-5c3v-z6jw-1fgc CVE-2021-24323 GHSA-mp46-7x6q-f28m

Affected version: <5.2.0

Reported by:
GitHub