WooCommerce Checkout Manager Plugin Security Vulnerabilities

Orlando WordPress Maintenance

Orlando WordPress Developer

If you have asked yourself “How do I customize my WooCommerce Checkout page?” There’s a luckily a WordPress plugin that can help you! WooCommerce Checkout Manager allows you to customise the fields on your WooCommerce Checkout page.Tis plugin allows to rename your “cart”, make check out fields optional or required, or even create fields to display the order time. Nonetheless, as with any plugin, sometimes security vulnerabilities emerge. So, make sure to read below on how to address vulnerabilities for Woocommerce Checkout Manager.

WordPress Plugin Vulnerabilities

On May 2nd, 2019 Woocommerce Checkout Manager released an update that fixes two vulnerabilities, which are:

An arbitrary file upload flaw present in certain configurations. According to WordFence, this issue was first ” irresponsibly published on April 23rd without privately notifying the plugin’s author.”

A flaw allowing attackers to delete media files from affected sites. In conjunction with the file upload feature, the previous versions of the plugin are able to delete the attachments users have uploaded at checkout.

In order to prevent this vulnerabilities from affecting websites with WooCommerce Checkout Manager, users should update to version 4.3 of the plugin.

Updating to 4.3 Woocommerce Checkout Manager

After being notified by WordFence about the issue, the plugin’s author fixed and released version 4.3 of the plugin. So, if possible, websites with the plugin should update immediately. However, WordaFence has deployed a firewall rule that addresses the flaw allowing hackers to delete the media files. Premium users have immediate access to this new rule, and free users will gain access in 30 days.

Although there has not been any reported exploitation of these vulnerabilities, we would like to emphasize the importance of preventing future issues by updating WooCoomerce Checkout Manager as soon as possible.


Orlando WordPress Website Maintenance

If you would like to have the best Orlando WordPress developers help you keep you WooCommerce website safe , contact us!! We are expert WordPress developers & designers located in Orlando, Florida.

 

Category: Orlando Ecommerce, Orlando Wordpress, Wordpress Orlando Tags: , , , , , No Comments
woocomerence

Sync Your WooCommerce Store With QuickBooks

Orlando WordPress Developer Quickbooks is an accounting program that helps business owners manage bills, use payroll fu... Read More »
Orlando Digital Marketing MailChimp

Email Marketing: New MailChimp Pricing Plan

Orlando Digital Marketing Agency On May 15th, Mailchimp introduced a new pricing plan in an attempt to add more options... Read More »
Orlando SEO company

New Google My Business Feature to Share Positive Reviews

Orlando SEO Google has officially announced the release of a new feature on Google My Business pages. Although it is no... Read More »