The Coupon Affiliates plugin for WordPress, which is used with WooCommerce, has a security vulnerability called Reflected Cross-Site Scripting. This means that hackers can insert harmful code into a webpage if they can trick a user into clicking on a link. This can happen in all versions up to and including 6.3.0 due to insufficient protection against harmful code.