Critical Vulnerability Detected in WooCommerce

  • Resolved franks123

    (@franks123)


    3 years, 7 months ago

    Hi, there is an email came about Critical Vulnerability Detected in WooCommerce. I have checked on this link
    https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/.

    woocommerce version 4.3.4 and 4.6.3 are running on 2 websites. shall i need to update or not?

    There is some confusion that are mentioned on the above link started with “How do I know if my version is up-to-date?” Under this heading the versions are mentioned. this paragraph is mentioned below this heading

    “The table below contains the full list of patched versions for both WooCommerce and WooCommerce Blocks. If you are running a version of WooCommerce or WooCommerce Blocks that is not on this list, please update immediately.”

    right now version 4.3.4 and 4.6.3 are running so according to this paragraph. i don,t need to update.

    PLease guide me about this thing

    thank you

    • This topic was modified 3 years, 7 months ago by franks123.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Yui

    (@fierevere)

    永子

    See the above link for safe (patched) versions,
    most likely your site has been automatically updated.

    If you run vulnerable version and auto-update did not happen – update your site yourself. It is important.

    right now version 4.3.4 and 4.6.3 are running so according to this paragraph. i don,t need to update.

    Your site is fine then.
    However you shall consider to update to recent versions anyway, as older versions lack compatibility with newer PHP/WordPress/other plugins and themes, features and bug fixes.

    Thread Starter franks123

    (@franks123)

    ok if i will update both sites to 5.5.1 then website will work fine?

    Hi, franks123, the plugins will likely successfully update, however, whenever completing a major update for a plugin, it’s recommended that you backup your site in case of issues that would arise from incompatibilities.

    If your web host offers it, you could create a staging site that would allow you to test certain actions like updating plugins and/or themes for your site without having your main site break.

    You could even have a staging site that you could have on your computer where you test updates for plugins/themes using something like Local by Flywheel.

    Plugin Support abwaita a11n

    (@abwaita)

    Hi @franks123,

    As @plantprogrammer has explained, if you’d like to test whether the site works well with the updated 5.5.1 version, you can do so on a staging/testing site.

    I would suggest using the WP Staging plugin to generate an online copy of your site, from where you can test.

    Thanks.

    Plugin Support abwaita a11n

    (@abwaita)

    Hi,
    We’ve not heard back from you in a while, so I’m marking this thread as resolved. Hopefully, you were able to proceed with the test and update.

    If you have further questions, please feel free to open a new topic.

    Thanks.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Critical Vulnerability Detected in WooCommerce’ is closed to new replies.