ICYMI: Earlier this week, WooCommerce sent out emails about a newly discovered vulnerability affecting all plugin versions from 3.3 to 5.5, urging all customers to update their installations immediately (read their announcement: WooCommerce blog).
Bugs and vulnerabilities get discovered every day; it’s part of the process. Most of them “fly under the radar” and get patched in a timely fashion, and most people (= website owners) never even hear about them (nor do they care much). The majority of webmasters only notice them when there’s an “update available” link on their WordPress plugins page, at which point they shrug and click “update now”.
Hardly ever do software companies take the action WooCommerce decided to take this week: send out emails to shop admins notifying them of the vulnerability, and patch dozens of versions rather than just the latest (few).
WooCommerce went out of its way to patch versions going all the way back to the 3.3 branch, which was released in January 2018 – more than 3 (!) years ago – and to force-update to patched versions.
Only ~7% of WooCommerce installations are up-to-date
According to WP Tavern, only around 7% of active WooCommerce installations are up-to-date (running version 5.5) at the time of this writing.
Source & credit: https://wptavern.com/woocommerce-patches-critical-vulnerability-sending-forced-security-update-from-wordpress-org
Summary
As always – if you are running a website, especially an e-commerce store, make sure your software is up-to-date; or at least ask your webmaster to do so. You are responsible if your data is breached and your customers’ data is leaked.