Critical Vulnerability found in WooCommerce: Here’s What you Need to Do
WooCommerce has detected a critical vulnerability in the system, and a forced update is being rolled out to repair the issue. Publishers should update as soon as possible to ensure they are protected.
On 13 July 2021, a critical vulnerability was identified concerning publishers using the WooCommerce and WooCommerce Blocks Plugins. Upon detecting the issue, the WooCommerce team immediately investigated and created a patch fix for over 90 affected versions, which has been distributed automatically to the affected stores.
What to do as a WooCommerce Shop Owner
Although the updates are automatic, there have been reports from some publishers saying that they have yet to receive the update. Therefore, it is paramount to check and update manually if the site has not yet been updated to the highest version of your WooCommerce release branch.
Be sure that you always keep up-to-date with the latest version of WooCommerce. There is a helpful guide on how to update WooCommerce safely here.
Has your data been breached?
There is currently no evidence of attacks compromising WordPress sites.
According to WooCommerce:
“If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.”
Refer to WooCommerce’s blog post regarding this matter to read more.
Is it still safe to use WooCommerce?
The WooCommerce team has been working 24/7 to create a fix and to ensure all users have been made aware of the issue.
While these incidents are infrequent, they sadly do happen. WooCommerce promises that they will endeavor to respond swiftly and with as much clarity as possible.
How to Ensure your Version is Up-To-Date
WooCommerce has posted a helpful table that contains a full list of patched versions for WooCommerce and WooCommerce Blocks. View the table here.
If your site is on Version 3.3, all the way to 5.5, you must update your site urgently. Contact us today for assistance in updating your WooCommerce store.