WooCommerce critical vulnerability

WooCommerce (which is used on many WordPress shopping carts) has announced a critical vulnerability in their plugin. We updated all client sites within hours of the notification.

Even though we have updated client sites with WooCommerce, this is a timely reminder:

• Even if your site doesn’t use WooCommerce – if you have a shopping cart, online bookings, vital information and/or contact forms which collect client information, then multiple offsite backups and monthly maintenance are vital. 
• Regular website maintenance is still one of the best ways to make sure that plugins, WordPress, PHP and themes reduce your exposure. Learn more about regular maintenance
• WooCommerce haven’t yet revealed the extent of the exploit or whether data has been compromised, but the potential exposed data could include order and customer information stored on your site if you use a WooCommerce shopping cart and we’ll let you know as soon as we learn more
• Out of caution it is a good idea to update your WordPress passwords now since the patched version of WooCommerce has been installed and this potential exploit, which has existed since 30/1/2018, shows that regular password changes are always beneficial

A WooCommerce vulnerability doesn’t have to put your website or customers at risk.

Regular WordPress maintenance can’t prevent every issue — but it does significantly reduce vulnerabilities and speeds up recovery if problems occur.

Call 3366 8166 or contact us today to review your site’s security and keep your online store protected.