WordPress Plugin WooCommerce Object Injection

WordPress Plugin WooCommerce is prone to a vulnerability that lets remote attackers inject arbitrary code because the application fails to sanitize user-supplied input before being passed to the maybe_unserialize() function. Attackers can possibly exploit this issue to download any file on the vulnerable server. WordPress Plugin WooCommerce version 2.3.10 is vulnerable prior versions may also be affected.