CVE-2017-18356

HIGH

WooCommerce < 3.2.4 - Authenticated PHP Object Injection via Shortcode Cached Query

Title source: llm
STIX 2.1

Description

In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes.

References (2)

Core 2

Scores

CVSS v3 8.8
EPSS 0.0196
EPSS Percentile 77.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (1)
woocommerce/woocommerce < 3.2.4
Published Jan 15, 2019
Tracked Since Feb 18, 2026