https://www.bleepingcomputer.com/news/security/wordpress-woocommerce-stores-under-attack-patch-now/

Hackers are actively targeting and trying to exploit SQL injection, authorization issues, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities in the Discount Rules for WooCommerce WordPress plugin with more than 30,000 installations.

Discount Rules for WooCommerce is a plugin that makes it simple to manage product pricing and discount campaigns on WooCommerce online stores.