Pierluigi Paganini August 22, 2020
Thousands of WordPress WooCommerce stores potentially exposed to hack

Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that Hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […]

Pierluigi Paganini April 12, 2020
A new e-skimmer found on WordPress site using the WooCommerce plugin

Experts discovered a new e-skimmer employed in MageCart attacks against WordPress websites using the WooCommerce plugin. Experts from security firm Sucuri discovered a new e-skimmer software that is different from similar malware used in Magecart attacks. The new software skimmed was employed in attacks on the WordPress-based e-store using the WooCommerce plugin. The e-skimmer doesn’t […]

Pierluigi Paganini April 27, 2019
Experts release PoC exploit for unpatched flaw in WordPress WooCommerce Extension

WordPress-based eCommerce websites using the WooCommerce plugin are at risk of full compromise due to an unpatched vulnerability. A WordPress security firm called ‘Plugin Vulnerabilities’ has discovered a critical vulnerability in the WooCommerce plugin that exposes WordPress-based eCommerce websites to hack. The vulnerability affects the WooCommerce Checkout Manager plugin that allows owners of e-commerce websites […]