@JulioPotier
Created June 11, 2015 11:40
Patch WooCommerce 2.3.10 -> 2.3.11
<?php
/*
Plugin Name: Patch WooCommerce 2.3.10 -> 2.3.11 - Object Injection Vulnerability
Author: SecuPress
*/
add_action( 'plugins_loaded', 'patch_woocommerce_2310', 1 );
function patch_woocommerce_2310() {
	// "cm" carries the PayPal custom field (the order reference) back to WooCommerce,
	// which 2.3.10 handed straight to maybe_unserialize().
	if ( isset( $_REQUEST['cm'] ) ) {
		$raw_custom = $_REQUEST['cm'];
		// Keep the value only if it is a JSON object, or a legacy serialized two-element
		// array with no class markers (C:/O:) anywhere in it; otherwise replace it with a
		// harmless placeholder before WooCommerce unserializes it.
		// Parentheses make the original operator precedence explicit (&& binds before ||).
		if ( ( false === ( $custom = json_decode( $raw_custom ) ) )
			|| ( ! is_object( $custom ) && ! preg_match( '/^a:2:{/', $raw_custom ) )
			|| preg_match( '/[CO]:\+?[0-9]+:"/', $raw_custom )
			|| ( false === ( $custom = maybe_unserialize( $raw_custom ) ) )
		) {
			$_REQUEST['cm'] = 'a:2:{i:0;i:0;i:1;i:0;}';
		}
	}
}
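An added example, not part of the gist or of WooCommerce: the same accept/reject rule as a standalone function, run over constructed sample values so the patch's decisions can be checked outside WordPress. `safe_unserialize()` is an assumed stand-in for WordPress's `maybe_unserialize()`; the sample strings and order key are constructed.

```php
<?php
// Stand-in for WordPress's maybe_unserialize(): unserialized strings come back untouched,
// and no class is ever instantiated (allowed_classes => false).
function safe_unserialize( string $raw ) {
    $value = @unserialize( $raw, array( 'allowed_classes' => false ) );
    return ( false === $value && 'b:0;' !== $raw ) ? $raw : $value;
}

// The patch's condition, restated as "is this value acceptable" (De Morgan of the reject test):
// true  => the value is passed through to WooCommerce unchanged
// false => the patch overwrites it with the 'a:2:{i:0;i:0;i:1;i:0;}' placeholder
function paypal_custom_is_acceptable( string $raw_custom ): bool {
    $decoded = json_decode( $raw_custom ); // note: null, not false, on invalid JSON
    return false !== $decoded
        && ( is_object( $decoded ) || preg_match( '/^a:2:{/', $raw_custom ) )
        && ! preg_match( '/[CO]:\+?[0-9]+:"/', $raw_custom )
        && false !== safe_unserialize( $raw_custom );
}

// Constructed inputs covering the 2.3.11 JSON format, the legacy serialized array,
// the two shapes the class-marker regex exists to catch, and plain garbage.
$samples = array(
    'json object (2.3.11 format)' => '{"order_id":123,"order_key":"wc_order_constructed"}',
    'legacy serialized array'     => 'a:2:{i:0;i:123;i:1;s:20:"wc_order_constructed";}',
    'serialized object'           => 'O:8:"stdClass":0:{}',
    'object nested in array'      => 'a:2:{i:0;i:123;i:1;O:8:"stdClass":0:{}}',
    'plain garbage'               => 'not-a-custom-field',
);

foreach ( $samples as $label => $raw ) {
    printf( "%-28s %s\n", $label, paypal_custom_is_acceptable( $raw ) ? 'accepted' : 'replaced with placeholder' );
}
```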