• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

virusword.com

Learn Wordpress

  • Home
  • WordPress Shop
    • Fotopress
    • SEO Tool Kit
    • Social Contact
    • Tag Machine 2
    • Video Profits
  • Latest News
  • WordPress
    • Plugins
    • Themes
    • Tutorials
    • Videos
    • Woocommerce
  • About Us
  • Contact Us
    • Terms of Service
    • Privacy Policy
  • Show Search
Hide Search
Home/Woocommerce/Critical Vulnerabilty Detected in WooCommerce

Critical Vulnerabilty Detected in WooCommerce

On July 13, 2021, a critical vulnerability concerning WooCommerce and the WooCommerce Blocks feature plugin was identified and responsibly disclosed by security researcher Josh, via our HackerOne security program.

Upon learning about the issue, our team immediately conducted a thorough investigation, audited all related codebases, and created a patch fix for every impacted version (90+ releases) which was deployed automatically to vulnerable stores.

I have a WooCommerce store – what actions should I take?

Automatic software updates are currently rolling out to all stores running impacted versions of each plugin – we still highly recommend you ensure that you’re using the latest versions of WooCommerce and WooCommerce Blocks (5.5.1).

To do this without causing issues, first update to the highest number possible in your release branch – this will ensure your website is no longer vulnerable. 

For example: If your store is running WooCommerce 4.8, first update to WooCommerce 4.8.1 – the highest version number in that branch – before going ahead and updating to WooCommerce 5.5.1.

Following this, it’s always a good idea to keep up-to-date with the latest versions of WooCommerce. Take a look at our guide on how to update WooCommerce safely.

Has any data been compromised?

Our investigation into this vulnerability and whether data has been compromised is ongoing. We will be sharing more information with site owners on how to investigate this security vulnerability on their site, which we will publish on our blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.

Is WooCommerce still safe to use?

Yes.

Incidents like this are uncommon, but do unfortunately sometimes happen. Our intention is always to respond immediately and operate with complete transparency. 

Since learning of the vulnerability, the team has worked around the clock to ensure that a fix has been put in place, and our users have been informed. 

Our continued investment in platform security allows us to prevent the vast majority of issues – but in the rare cases that could potentially impact stores, we strive to fix quickly, communicate proactively, and work collaboratively with the WooCommerce Community.

How do I know if my version is up-to-date?

The table below contains the full list of patched versions for both WooCommerce and WooCommerce Blocks. If you are running a version of WooCommerce or WooCommerce Blocks that is not on this list, please update immediately.

Patched WooCommerce versions Patched WooCommerce Blocks versions
3.3.6 2.5.16
3.4.8 2.6.2
3.5.9 2.7.2
3.6.6 2.8.1
3.7.2 2.9.1
3.8.2 3.0.1
3.9.4 3.1.1
4.0.2 3.2.1
4.1.2 3.3.1
4.2.3 3.4.1
4.3.4 3.5.1
4.4.2 3.6.1
4.5.3 3.7.2
4.6.3 3.8.1
4.7.2 3.9.1
4.8.1 4.0.1
4.9.3 4.1.1
5.0.1 4.2.1
5.1.1 4.3.1
5.2.3 4.4.3
5.3.1 4.5.3
5.4.2 4.6.1
5.5.1 4.7.1
4.8.1
4.9.2
5.0.1
5.1.1
5.2.1
5.3.2
5.4.1
5.5.1

If you have any further concerns or questions regarding this issue, our team of Happiness Engineers is on hand to help – open a support ticket.

Like this:

Like Loading…

Source link

Written by:
Abdul Wahid
Published on:
July 18, 2021

Categories: Woocommerce

Primary Sidebar

Wordpress

  • Content Management Systems (2)
  • Digital Marketing (4)
  • Internet Marketing (6)
  • Latest News (458)
  • Online Business (2)
  • Plugins (519)
  • Themes (521)
  • Videos (1,350)
  • Website Development (1)
  • Woocommerce (589)
  • WordPress (6)

Recent Articles

Unlock Your Internet Marketing Success with WordPress: The Ultimate CMS for Achieving Online Goals

WordPress: A Powerhouse for Achieving Internet …

Continue Reading about Unlock Your Internet Marketing Success with WordPress: The Ultimate CMS for Achieving Online Goals

Unlock Your Internet Marketing Potential with WordPress: A Comprehensive Guide

How to Use WordPress to Achieve Your Internet …

Continue Reading about Unlock Your Internet Marketing Potential with WordPress: A Comprehensive Guide

Search our site

Explore more

Get our Wordpress Guide Get Plugins Get Connected

Footer

VirusWord by Promaps, Inc.

Barnes Place
Colombo 7, Western 00700

Copyright © 2025 · Promaps, Inc.

Keep In Touch

  • Email
  • Facebook
  • Instagram
  • Pinterest
  • Twitter