WooCommerce seriously compromised, be sure to update your online store
Security vulnerability discovered on July 13
For owners of online stores running on Woocommerce, we have important news to share. Well, on July 13 during the HackerOne program, critical vulnerabilities were discovered in the WooCommerce and WooCommerce Blocks plugins. Its effects could have serious consequences, so you need to update these plugins as soon as possible.
A serious threat to stores that has not existed before
There have been a few vulnerabilities in WooCommerce recently, but they did not pose as much of a threat as they do now. According to the information received in an email from the WoCommerce team, it is necessary to perform a quick update. This is an important issue, as the vulnerability results in the disclosure of user data such as IDs and passwords.
Quick response from the WooCommerce Team
The Woocommerce team, upon learning of the discovered vulnerability, took steps to diagnose and fix it. As a result, a patch has been prepared to secure the security vulnerability, but the investigation of the existing vulnerability is still ongoing.
I have a store on WooCommerce so what action should I take?
In 2-3 days, a plugin update will be forced, but the scale of the threat does not allow waiting. Therefore, the main recommendation for store owners running on WooCommerce is to perform an update of the WooCommerce and WooCommerce Blocks plugins.
If you have a store on WooCommerce and have problems with its operation, then you can use our help.