Name of the Vulnerable Software and Affected Versions:

Woocommerce check pincode/zipcode for shipping plugin for WordPress versions up to, and including, 2.0.4

Description:

The issue is due to missing or incorrect nonce validation, making it possible for unauthenticated attackers to inject malicious web scripts via a forged request. This can happen if an attacker can trick a site administrator into performing an action, such as clicking on a link.

Recommendations:

For versions up to, and including, 2.0.4, update to a version higher than 2.0.4 to resolve the issue.

As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.