Persistent Cross-Site Scripting in WooCommerce WordPress plugin

Hello, I've discovered a persistent Cross-Site Scripting vulnerability in the WooCommerce. Yesterday I created a support ticket on the website, but today someone told me about the bug bounty program, so here we go. The vulnerability was discovered during a month long security project to find vulnerabilities in WordPress plugins. For more information about the project see: https://sumofpwn.nl My advisory can be found in the attachment in text format. If there are any questions please let me know, I'm happy to help. With kind regards, Sipke