Bleeping Computer

WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover

A design flaw in the WordPress permission system used by plugins and a file deletion vulnerability in a very popular eCommerce plugin called WooCommerce could allow attackers to gain full control over ...
Searchenginejournal.com

WooCommerce WordPress Plugin Exploit Enables Fraudulent Charges

The WooCommerce Square plugin enables WordPress sites to accept payments through the Square POS, as well as synchronize product inventory data between Square and WooCommerce. Square plugin enables a ...
Searchenginejournal.com

Vulnerabilities Discovered in Five WooCommerce WordPress Plugins

The U.S government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations. Many of the vulnerabilities ...
Bleeping Computer

WordPress WooCommerce stores under attack, patch now

Hackers are actively targeting and trying to exploit SQL injection, authorization issues, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities in the Discount Rules for ...
CSOonline

Critical flaw in WooCommerce can be used to compromise WordPress websites

WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over websites. Technical details about the vulnerability ...