WooCommerce Checkout Manager Plugin Security Vulnerabilities

Orlando WordPress Maintenance

Orlando WordPress Developer

If you have asked yourself “How do I customize my WooCommerce Checkout page?” There’s a luckily a WordPress plugin that can help you! WooCommerce Checkout Manager allows you to customise the fields on your WooCommerce Checkout page.Tis plugin allows to rename your “cart”, make check out fields optional or required, or even create fields to display the order time. Nonetheless, as with any plugin, sometimes security vulnerabilities emerge. So, make sure to read below on how to address vulnerabilities for Woocommerce Checkout Manager.

WordPress Plugin Vulnerabilities

On May 2nd, 2019 Woocommerce Checkout Manager released an update that fixes two vulnerabilities, which are:

An arbitrary file upload flaw present in certain configurations. According to WordFence, this issue was first ” irresponsibly published on April 23rd without privately notifying the plugin’s author.”

A flaw allowing attackers to delete media files from affected sites. In conjunction with the file upload feature, the previous versions of the plugin are able to delete the attachments users have uploaded at checkout.

In order to prevent this vulnerabilities from affecting websites with WooCommerce Checkout Manager, users should update to version 4.3 of the plugin.

Updating to 4.3 Woocommerce Checkout Manager

After being notified by WordFence about the issue, the plugin’s author fixed and released version 4.3 of the plugin. So, if possible, websites with the plugin should update immediately. However, WordaFence has deployed a firewall rule that addresses the flaw allowing hackers to delete the media files. Premium users have immediate access to this new rule, and free users will gain access in 30 days.

Although there has not been any reported exploitation of these vulnerabilities, we would like to emphasize the importance of preventing future issues by updating WooCoomerce Checkout Manager as soon as possible.


Orlando WordPress Website Maintenance

If you would like to have the best Orlando WordPress developers help you keep you WooCommerce website safe , contact us!! We are expert WordPress developers & designers located in Orlando, Florida.

 

Category: Orlando Ecommerce, Orlando Wordpress, Wordpress Orlando Tags: , , , , , No Comments
Wholesale Plugin for WooCommerce

Wholesale Plugin for WooCommerce

WordPress Developer It’s the dawn of a new era for online wholesale stores. WPExperts recently released a new WordPre... Read More »
wordpress web development

What Is the Best Live Chat Plugin for WordPress?

WordPress Web Development Customers like answers right away. If your website can’t provide them, they’re likely to ... Read More »
orlando wordpress developer

It’s Time to Update to WordPress 5.6

WordPress Web Development Yesterday, WordPress released their latest update, WordPress 5.6 “Simone.” If you are a w... Read More »