Bleeping Computer

WordPress force patching WooCommerce plugin with 500K installs

Automattic, the company behind the WordPress content management system, is force installing a security update on hundreds of thousands of websites running the highly popular WooCommerce Payments for ...
Searchenginejournal.com

Vulnerabilities Discovered in Five WooCommerce WordPress Plugins

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...
Bleeping Computer

WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover

A design flaw in the WordPress permission system used by plugins and a file deletion vulnerability in a very popular eCommerce plugin called WooCommerce could allow attackers to gain full control over ...
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
TechRadar

WordPress force updates thousands of websites following WooCommerce security breach

Top website builder WordPress has pushed an urgent update to users with the WooCommerce add-on installed in response to a highly disruptive security vulnerability. Cybersecurity researchers from ...
Infosecurity-magazine.com

Flaw Leads to RCE in WordPress Plugins, WooCommerce

A WordPress design flaw could grant an attacker remote code execution, leading to a privilege escalation in WooCommerce and other WordPress plugins, according to RIPS Technologies. In a 6 November ...