Critical Vulnerability Detected in WooCommerce – Update Now
July 15, 2021

On July 13, 2021, a critical vulnerability affecting WooCommerce and the WooCommerce Blocks feature plugin was identified and disclosed via the HackerOne security program.

This morning, version 5.5.1 was released as a patch fix to protected WooCommerce Stores.

I have a WooCommerce store – what action should I take?

If you’re on one of our Blink Web Maintenance Plans, we have already applied and tested the latest patch on your store. If not, we recommend logging in to your WordPress website and ensuring your WooCommerce version is 5.5.1 or later.

Has any data been compromised?

WooCommerce are conducting an investigation into this vulnerability and whether data has been compromised. They will be sharing more information with site owners on how to investigate this security vulnerability on their site, which they will publish on their blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.

Related Posts

PHP 7.4 – End Of Life

PHP 7.4 – End Of Life

As of today (1st December 2022) PHP 7.4 is now end of life. This means this PHP release is no longer supported and users of this release should upgrade as soon as possible as they may be exposed to unpatched security vulnerabilities. PHP 8.x adoption among WordPress...

Keep your e-commerce business safe this Black Friday

Keep your e-commerce business safe this Black Friday

As online retail is ramping up in preparation for Black Friday & Cyber Monday, so too are the hackers. Most store owners are focusing on increasing sales but do not forget about your website security at this crucial time. Last year Black Friday weekend sales...