Unauthenticated Cross Site Scripting (XSS) in eCommerce Product Catalog <= 3.5.4 versions.
Update the WordPress eCommerce Product Catalog Plugin to the latest available version (at least 3.5.5).