Unauthenticated SQL Injection Vulnerability Discovered in WooCommerce

Jeff Matson

An unauthenticated SQL Injection vulnerability affecting versions of WooCommerce on more than 5 million websites on the Internet has been disclosed to the public by Automattic. Due to the nature of the vulnerability, the WooCommerce team is rolling out compulsory patching on minor versions -- even if automatic plugin updates are disabled within WooCommerce or Pagely. Vulnerability Details We won't provide specific details, but we can say that the function…

Read the full article.

New posts to your inbox.