WooCommerce Checkout Manager Plugin Security Vulnerabilities

Orlando WordPress Maintenance

Orlando WordPress Developer

If you have asked yourself “How do I customize my WooCommerce Checkout page?” There’s a luckily a WordPress plugin that can help you! WooCommerce Checkout Manager allows you to customise the fields on your WooCommerce Checkout page.Tis plugin allows to rename your “cart”, make check out fields optional or required, or even create fields to display the order time. Nonetheless, as with any plugin, sometimes security vulnerabilities emerge. So, make sure to read below on how to address vulnerabilities for Woocommerce Checkout Manager.

WordPress Plugin Vulnerabilities

On May 2nd, 2019 Woocommerce Checkout Manager released an update that fixes two vulnerabilities, which are:

An arbitrary file upload flaw present in certain configurations. According to WordFence, this issue was first ” irresponsibly published on April 23rd without privately notifying the plugin’s author.”

A flaw allowing attackers to delete media files from affected sites. In conjunction with the file upload feature, the previous versions of the plugin are able to delete the attachments users have uploaded at checkout.

In order to prevent this vulnerabilities from affecting websites with WooCommerce Checkout Manager, users should update to version 4.3 of the plugin.

Updating to 4.3 Woocommerce Checkout Manager

After being notified by WordFence about the issue, the plugin’s author fixed and released version 4.3 of the plugin. So, if possible, websites with the plugin should update immediately. However, WordaFence has deployed a firewall rule that addresses the flaw allowing hackers to delete the media files. Premium users have immediate access to this new rule, and free users will gain access in 30 days.

Although there has not been any reported exploitation of these vulnerabilities, we would like to emphasize the importance of preventing future issues by updating WooCoomerce Checkout Manager as soon as possible.


Orlando WordPress Website Maintenance

If you would like to have the best Orlando WordPress developers help you keep you WooCommerce website safe , contact us!! We are expert WordPress developers & designers located in Orlando, Florida.

 

Category: Orlando Ecommerce, Orlando Wordpress Tags: , , , , , No Comments

Author

M5 Design Studio

We are a small, but creative and passionate team of designers and developers specializing in web design, graphic design, branding & digital marketing.


Hcaptcha Wordpress Plugin Alternative To Googles Recaptcha

Hcaptcha: WordPress Plugin Alternative to Google’s Recaptcha

ORLANDO WORDPRESS DEVELOPER If you have a WordPress website, you know how important it is to protect it from spam, b
New Woocommerce Released Orlando

WooCommerce 8.3.0 Released

ORLANDO WORDPRESS DEVELOPER Whats new? Cart, Checkout, and Order Confirmation Blocks Are Default on New Ins
Wordpress 5.8 release maintenance

Latest Features in WordPress 5.8

WordPress Developer WordPress Version 5.8 was released on July 20th, 2021 with several features anticipated by web devel

Comments are closed.