An Object Injection Vulnerability has been discovered in the WooCommerce WordPress plugin by Sucuri. Web sites are only vulnerable if you use WordPress, WooCommerce and you have the “PayPal Identify Token” option set. Full details are available on the Sucuri Blog.
Tags: WooCommerceWordPress