A Reflected XSS vulnerability has been found in the SW Ajax WooCommerce Search plugin.
Please make sure you update this plugin immediately to version 1.2.8
SW Ajax WooCommerce Search plugin is bundled with many themes from ThemeForest and WPthemego, including:
OneMall, Revo, eMarket, Autusin, Market, MaxShop, ShoppyStore, Furnicom, EtroStore, HiTheme, StyleShop, TopDeal, Victo, Avesa, Soaz, Binace, Houskit, Gaion, Furniki, Rozy, SecretSho, BosMarket, Siezz, HiStore, Ecomart, iMarket, NeoMarket, 9Merry, LeVogue, Floris, Alishop, KONStore, ShopyMall, DresShop, Shop4U, FurniHome, Tech8
Found by: https://ex-mi.ru/exploit/[2020-10-21]-[WordPress]-sw-ajax-woocommerce-search-plugin-v1.2.6.txt