Object Injection vulnerability in WooCommerce

Thanks to Sucuri Security blog, we are informed about a dangerous Object Injection vulnerability in WooCommerce (versions 2.0.20 2.3.10). It’s a serious threat to WooCommerce users, which can be exploited by hackers to attack the vulnerable server & download any file. If “PayPal Identity Token” option is set on your WooCommerce website, then you are at risk of being attacked.

 

WooCommerce Security Vulnerability

WooCommerce Security Vulnerability

 

Fortunately, in the latest patch 2.3.11, WooCommerce has the problem fixed, a number of other bug fixes are also included. For WooRockets, we’ve updated all demo sites of our WooCommerce themes. If you’re using avulnerable WooCommerce version,we strongly recommend that you update the pluginto latest version immediately.

WooRockets Team.

by Ivy Nguyen

Ivy is motived and inspired by passionate WordPress community. She is a curious and open-minded person who wants to learn about everything in the world.

Leave your comment

Ready to Sell Online?

Build Your Online Store with WooCommerce & Nitro Theme

Read more
Contact

Touch With Us