Woocommerce Security Woos » Blog: E-Commerce, Blog: Security, FAQs & Blog - inlineVision: Web Development / E-Commerce / PPC | Las Vegas, NV | High-Performance Websites & E-Commerce Solutions

Woocommerce Security Woos

Jul 17th, 2021

ICYMI: Earlier this week, woocommerce sent out emails about a newly discovered vulnerability affecting all plugin versions from 3.3 – 5.5. urging all customers to immediately update their installations (Read their announcement: woocommerce blog)

woocommerce email

Bugs and vulnerabilities get discovered every day; it’s part of the process. Most of them “fly under the radar” and get patched in a timely fashion; and most people (= website owners) never even hear about it (nor do they care too much either); and the majority of webmasters only notice them when there’s an “update available” link on their WordPress plugins page; as they shrug and click “update now”.

Hardly ever do software companies take the action woocommerce decided to take this week: Send out emails to shop admins notifying them of the vulnerability and patch dozens of versions – not just the latest (few).

Woocommerce went out of their way to patch versions going all the way back to the 3.3. branch, which was released in January 2018 – more than 3 (!) years ago and force-update to patched versions.

woocommerce 3.3. - Jan 2018

Only ~7% of woocommerce installations are up-to-date

According to wptavern, only around 7% of active woocommerce installations are up-to-date (running version 5.5.) at the time of this writing.

woocommerce versions

Source & credit: https://wptavern.com/woocommerce-patches-critical-vulnerability-sending-forced-security-update-from-wordpress-org

Summary

As always – if you are running a website, especially an e-commerce store, make sure your software is up-to-date; or at least ask your webmaster to do so. You are responsible if your data is breached and your customers’ data is leaked.

Related Posts

[easy-social-share buttons="facebook,twitter,linkedin" counters=1 counter_pos="rightm" total_counter_pos="none" hide_names="yes"]