For Woo Commerce users on WordPress
The security team at Wordfence discovered a SQL injection vulnerability in WooCommerce version 2.3.5 and older during a code audit of the plugin repository.
WooCommerce is installed on over 1 million active WordPress websites.
We recommend that anyone with a WooCommerce installation either contact their developer to alert them or visit the Woo Commerce web site to download the new release of WooCommerce, version 2.3.6.
Here is the link: