In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WCShortcodeProducts::get_products() use of cached queries within shortcodes.
{
"source": "CPE_RANGE",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "3.2.4"
}
],
"cpe": "cpe:2.3:a:woocommerce:woocommerce:*:*:*:*:*:wordpress:*:*"
}