CVE-2017-18356
Summary: CVE-2017-18356 affects the WordPress WooCommerce plugin prior to 3.2.4. The issue is a PHP object injection in WC_Shortcode_Products::get_products() triggered via crafted strings in shortcodes, enabled after an attacker with at least Shop Manager privileges gains access to the target sit...