{"id":24876,"date":"2021-07-20T09:31:08","date_gmt":"2021-07-20T14:31:08","guid":{"rendered":"https:\/\/www.webstix.com\/?p=24876"},"modified":"2021-07-20T09:31:08","modified_gmt":"2021-07-20T14:31:08","slug":"critical-vulnerability-detected-in-woocommerce","status":"publish","type":"post","link":"https:\/\/staging.webstix.net\/WSX\/wp\/support-blog\/critical-vulnerability-detected-in-woocommerce\/","title":{"rendered":"Critical Vulnerability Detected in WooCommerce"},"content":{"rendered":"

A critical vulnerability<\/a> concerning WooCommerce and the WooCommerce Blocks feature plugin was identified.<\/p>\n

What actions should I take?<\/h3>\n

Automatic software updates are currently rolling out to all stores running impacted versions of each plugin \u2013 we still highly recommend you ensure that you\u2019re using the latest versions of WooCommerce and WooCommerce Blocks (5.5.1).<\/p>\n

To do this without causing issues, first update to the highest number possible in your release branch \u2013 this will ensure your website is no longer vulnerable.<\/p>\n

For example:<\/strong> If your store is running WooCommerce 4.8, first update to WooCommerce 4.8.1 \u2013 the highest version number in that branch \u2013 before going ahead and updating to WooCommerce 5.5.1.<\/p>\n

It\u2019s always a good idea to keep up-to-date with the latest versions of WooCommerce.<\/p>\n

Has any data been compromised?<\/h3>\n

Woocommerce investigation into this vulnerability and whether data has been compromised is ongoing. They will be sharing more information with site owners on how to investigate this security vulnerability on their site, which they will publish on their blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.<\/p>\n

Is WooCommerce still safe to use?<\/h3>\n

Yes.<\/p>\n

Incidents like this are uncommon, but do unfortunately sometimes happen.<\/p>\n

Since learning of the vulnerability, the WooCommerce team has worked around the clock to ensure that a fix has been put in place, and users have been informed.<\/p>\n

Our continued investment in platform security allows them to prevent the vast majority of issues \u2013 but in the rare cases that could potentially impact stores, they strive to fix quickly, communicate proactively, and work collaboratively with the WooCommerce Community.<\/p>\n

How do I know if my version is up-to-date?<\/h3>\n

The table below contains the full list of patched versions for both WooCommerce and WooCommerce Blocks. If you are running a version of WooCommerce or WooCommerce Blocks that is not on this list, please update immediately.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Patched WooCommerce versions<\/b><\/td>\nPatched WooCommerce Blocks versions<\/b><\/td>\n<\/tr>\n
3.3.6<\/td>\n2.5.16<\/td>\n<\/tr>\n
3.4.8<\/td>\n2.6.2<\/td>\n<\/tr>\n
3.5.9<\/td>\n2.7.2<\/td>\n<\/tr>\n
3.6.6<\/td>\n2.8.1<\/td>\n<\/tr>\n
3.7.2<\/td>\n2.9.1<\/td>\n<\/tr>\n
3.8.2<\/td>\n3.0.1<\/td>\n<\/tr>\n
3.9.4<\/td>\n3.1.1<\/td>\n<\/tr>\n
4.0.2<\/td>\n3.2.1<\/td>\n<\/tr>\n
4.1.2<\/td>\n3.3.1<\/td>\n<\/tr>\n
4.2.3<\/td>\n3.4.1<\/td>\n<\/tr>\n
4.3.4<\/td>\n3.5.1<\/td>\n<\/tr>\n
4.4.2<\/td>\n3.6.1<\/td>\n<\/tr>\n
4.5.3<\/td>\n3.7.2<\/td>\n<\/tr>\n
4.6.3<\/td>\n3.8.1<\/td>\n<\/tr>\n
4.7.2<\/td>\n3.9.1<\/td>\n<\/tr>\n
4.8.1<\/td>\n4.0.1<\/td>\n<\/tr>\n
4.9.3<\/td>\n4.1.1<\/td>\n<\/tr>\n
5.0.1<\/td>\n4.2.1<\/td>\n<\/tr>\n
5.1.1<\/td>\n4.3.1<\/td>\n<\/tr>\n
5.2.3<\/td>\n4.4.3<\/td>\n<\/tr>\n
5.3.1<\/td>\n4.5.3<\/td>\n<\/tr>\n
5.4.2<\/td>\n4.6.1<\/td>\n<\/tr>\n
5.5.1<\/td>\n4.7.1<\/td>\n<\/tr>\n
<\/td>\n4.8.1<\/td>\n<\/tr>\n
<\/td>\n4.9.2<\/td>\n<\/tr>\n
<\/td>\n5.0.1<\/td>\n<\/tr>\n
<\/td>\n5.1.1<\/td>\n<\/tr>\n
<\/td>\n5.2.1<\/td>\n<\/tr>\n
<\/td>\n5.3.2<\/td>\n<\/tr>\n
<\/td>\n5.4.1<\/td>\n<\/tr>\n
<\/td>\n5.5.1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

If you need Woocommerce plugin upgrade done on your website, please contact us<\/a>.<\/p>\n

Thank you,
\n-Webstix Support<\/p>\n","protected":false},"excerpt":{"rendered":"

A critical vulnerability concerning WooCommerce and the WooCommerce Blocks feature plugin was identified. What actions should I take? Automatic software updates are currently rolling out to all stores running impacted versions of each plugin \u2013 we still highly recommend you ensure that you\u2019re using the latest versions of WooCommerce and WooCommerce Blocks (5.5.1). To do […]<\/p>\n","protected":false},"author":468,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-24876","post","type-post","status-publish","format-standard","hentry","category-support-blog"],"acf":[],"_links":{"self":[{"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/posts\/24876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/users\/468"}],"replies":[{"embeddable":true,"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/comments?post=24876"}],"version-history":[{"count":0,"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/posts\/24876\/revisions"}],"wp:attachment":[{"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/media?parent=24876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/categories?post=24876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/staging.webstix.net\/WSX\/wp\/wp-json\/wp\/v2\/tags?post=24876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}