WooCommerce MySQL replace to RCE
This bug is 0day, but same as this bug was reported in the past. Try to fix here and fix here. Anyway, in the Woo code there is another DB query that modifies serialized PHP content outside from serialize / unserialize PHP functions and that results into user object injection. Beside numerous tries to harden WP, …