Object Injection Vulnerability in WooCommerce

WooCommerce

Sucuri found an Object Injection Vulnerability in WooCommerce¬†which can be used by an attacker to download any file on the vulnerable server. The vulnerability is only present in websites using WooCommerce previous to version 2.3.11, which contains the patch, and when the “PayPal Identity Token” option is set. Depending on the environment the website is […]