WooCommerce 3.2.6 is now available. This fixes various minor issues, and includes some more improvements to cart rounding.
~50 commits made it into this release. The full changelog is below.
* Fix - CSV Importer - Fix ID mapping to existing IDs. * Fix - CSV Importer - Unslash header fields to avoid extra slashes. * Fix - CSV Importer - Allow import and export of draft products. * Fix - CSV Importer - Get global attribute ID only when is a global attribute. * Fix - Remove URL fragment when appending geolocation hash. * Fix - Additional cart rounding fixes so rounding before subtotal works again. Added more unit tests. * Fix - Add BOM to exported report CSVs. * Fix - is_visible should ensure product is is not trashed before returning true. * Fix - Return packages with no rates back to the cart so the shipping calculator is displayed even when the current country is not shippable. * Fix - Merge session and persistent carts when both exists after login. * Fix - Remove "wc_error" query string after login. * Fix - Allow woocommerce_form_field() have 'custom_attributes' equal 0. * Fix - Bulk actions in status logs table. * Fix - Exclude add-to-cart from pagination links. * Fix - Updated $GLOBALS['post'] data in products shortcode to prevent theme conflicts. * Fix - Only remove base taxes in cart totals class if item is taxable. * Fix - REST API - Fixed date format in reports schema. * Fix - REST API - Updated product categories image schema. * Fix - REST API - UUse KSES for purchase_note like in admin. * Fix - REST API - Filter passed images before processing so they can be unset via querystring. * Tweak - Use protected instead of private methods to allow easy override in session handler. * Tweak - wc_lostpassword_url should not be used before init - added warning. * Localization - Update Japanese prefectures to include prefecture type.
Download the latest release of WooCommerce here or venture over to Dashboard → Updates to update your plugins from WordPress.
As usual, if you spot any other issues in WooCommerce core please log them in detail on Github, and to disclose a security issue to our team, please submit a report via HackerOne here. Comments on this post are closed.