Popular WooCommerce WordPress Plugin Patches Critical Vulnerability
eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. WooCommerce is one the most popular eCommerce plugins for WordPress that helps websites to upgrade their standard blog to a powerful online store.
WooCommerce powers nearly 35% of e-stores on the internet, with more than 4 million installations.
When installed, WooCommerce extension creates “Shop Managers” accounts with “edit_users” capability, allowing them to edit customer accounts of the store in order to manage their orders, profiles, and products.
In WordPress, an account with “edit_users” capability by default allowed to even edit an administrator account and reset its password. But to draw a permission-based line between an administrator and a shop manager account, the WooCommerce plugin adds some extra limitations on the shop managers.
Install WooCommerce and WordPress Patch Updates
If you haven,t yet updated your WordPress and Woocommerce, you are highly recommended to install the latest available security updates as soon as possible.