Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
patchstack.com/database/vulnerability/minimum-purchase-for-woocommerce/wordpress-minimum-purchase-for-woocommerce-plugin-2-0-0-1-cross-site-scripting-xss-vulnerability
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/minimum-purchase-for-woocommerce/minimum-purchase-for-woocommerce-2001-authenticated-contributor-stored-cross-site-scripting