WooCommerce <= 3.4.4 - Potential Object Injection
According to WooCommerce: "Versions 3.4.4 and earlier are affected by an issue where a function that updates attributes could lead to object injection. This is related to the WordPress 4.8.3 security release. This issue can only be exploited by users who can edit attributes and should not be possible to exploit through the WordPress administrative screens, but we still recommend all users running WooCommerce 3.x upgrade to 3.4.5 to mitigate this issue. Thanks to slavco for responsibly disclosing the vulnerability to us."
fixed in version 3.4.5
|Publicly Published||2018-08-29 (11 months ago)|
|Added||2018-08-30 (11 months ago)|
|Last Updated||2018-08-30 (11 months ago)|