Vulnerability Description
In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes.
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Woocommerce | Woocommerce | < 3.2.4 |
Related Weaknesses (CWE)
References
- https://blog.ripstech.com/2018/woocommerce-php-object-injection/ (Exploit, Third Party Advisory)
- https://woocommerce.wordpress.com/2017/11/16/woocommerce-3-2-4-security-fix-rele (Release Notes)
FAQ
What is CVE-2017-18356?
CVE-2017-18356 is a vulnerability with a CVSS score of 8.8 (HIGH). In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attack...
How severe is CVE-2017-18356?
CVE-2017-18356 has been rated HIGH with a CVSS base score of 8.8/10. See the CVSS Score section above.
Is there a patch for CVE-2017-18356?
Check the references section above for vendor advisories and patch information. The affected product is WooCommerce (vendor: Woocommerce), versions before 3.2.4; version 3.2.4 is the security fix release.