WooCommerce – Vulnerability detected
Alpenglow Agency secures and updates the WordPress & WooCommerce sites we manage so our customers avoid the stress that comes with cybersecurity breaches. We also like to keep our partners informed. On 13th July 2021, WooCommerce alerted users that a security researcher discovered a critical vulnerability. Critical vulnerability means there could be an indirect attack on personal information stored within a MySql database.
Steps to take if you work with WooCommerce:
- Update WooCommerce and WooCommerce Blocks Plugins to the most recent version
- Change all admin passwords
- Rotate any WooCommerce payment gateway API keys
These are precautionary measures, as the WooCommerce team believes any exploitation was limited. However, it is better to be safe than sorry when it comes to keeping a customer’s personal information secure. WooCommerce stores hosted with Alpenglow’s Managed WordPress Hosting were immediately updated.
How to have better security in the future?
While WooCommerce is safe to use in the future, a great option is to host your online shop with managed WordPress hosting, like Alpenglow’s CampHost service. You will never have to worry about the pains and complications of DIY WordPress security updates!
Where can I learn more?
- Read the full announcement at https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/
- Checkout the hackerone security program https://hackerone.com/automattic?type=team