Update Your WooCommerce Plugin to Avoid Object Injection Vulnerability

A dangerous “Object Injection” vulnerability has been discovered in the WooCommerce plugin, which could allow an attacker to download any file on the vulnerable server. Attackers potentially downloading critical files which can result in a full site compromise.

If your WooCommerce “PayPal Identity Token” is set, you are most at risk.

Update Immediately

If you are using a version lower than 2.3.11, update the plugin as soon as possible. Remember to back up your site before updating your WordPress and Plugins. For a worry-free backup service, subscribe to Doteasy Auto Site Backup for just $1.50/month. For more info about this vulnerability, please read this article from Sucuri.

Posted in: Plugins, Security

Comments

comments

Popular tags

custom-background custom-header custom-menu featured-images free responsive theme free WordPress plugin free WordPress theme full-width-template one-column responsive-layout responsive theme right sidebar sticky-post theme-options threaded-comments translation-ready two columns White WordPress plugin WordPress theme