Is Your WordPress Site Using WooCommerce?
Don’t fall asleep on the job because there’s another quick security update. That’s two of the top ten WordPress Plugins with updates this week! First Yoast’s WP-SEO and now with over a million installs WooCommerce.
NOTE: If you Unlimited WordPress Support from WPBlogSupport.com and have WooCommerce installed on your site you are safe from this vulnerability – your site has already been updated.
According to WordFence our security partner…
Yesterday Matt Barry, one of our researchers at Wordfence discovered a SQL injection vulnerability in WooCommerce version 2.3.5 and older during a code audit of the plugin repository. WooCommerce is installed on over 1 million active WordPress websites.
We immediately contacted Woo about the issue and they’ve been incredibly responsive, releasing a fix this morning with their release of WooCommerce version 2.3.6. [Internally we’re actually shocked at how fast this went out. Great team, great product!!]
We strongly recommend you immediately upgrade if you have not already.
What to do: If you don’t have Unlimited WordPress Support please manually upgrade immediately to version 2.3.6 of WooCommerce which contains the fix.
