WooCommerce <= 3.2.3 - Authenticated PHP Object InjectionSign up to our free email alerts service for instant vulnerability notifications!
"Versions 3.2.3 and earlier are affected by an issue where cached queries within shortcodes could lead to object injection. This is related to the recent WordPress 4.8.3 security release. This issue can only be exploited by users who can edit content and add shortcodes, but we still recommend all users running WooCommerce 3.x upgrade to 3.2 to mitigate this issue."
fixed in version 3.2.4
|Publicly Published||2017-11-16 (7 months ago)|
|Added||2018-02-23 (4 months ago)|
|Last Updated||2018-04-12 (2 months ago)|
Copyright & License
|Copyright||All data and resources contained within this page and this web site is Copyright © The WPScan Team.|
|License||Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.|