WooCommerce Core Security Issue Alert - Critical vulnerability - July 2021

July 15, 2021

Security Update Alert on Woocommerce versions 3.3 to 5.5 on July 15, 2021

Update Woocommerce to the latest version (5.5.1) or the highest number possible

There has been a critical vulnerability identified in WooCommerce (versions 3.3 to 5.5) and the WooCommerce Blocks feature plugin (versions 2.5 to 5.5).

What actions should I take with my store?

Stores hosted on and WordPress VIP have already been secured. We are working with the Plugin Team to automatically update as many stores as possible to secure versions of WooCommerce. We also urge you, however, to take the following added precautions to safeguard your site:

Update your copy of WooCommerce to the latest version (5.5.1) or the highest number possible in your release branch.If you are running the WooCommerce Blocks feature plugin, you’ll need to update it to the latest version (5.5.1).

What does this mean for my store?

Woocommerce is still investigating this vulnerability, but we wanted to let you know now about the importance of updating immediately.

Woocommerce will be sharing more information with site owners on how to investigate this security vulnerability on their site, which we will publish on our blog when it is ready. If a store was affected, the exposed information will be specific to what that site is storing but could include order, customer, and administrative information.

Woocommerce Vulnerability Email Update Today

Is WooCommerce still safe to use?

Yes, it is safe to use.

Incidents like this are rare but do unfortunately sometimes happen. But the team behind the plugin will ensure an update with a security patch release once found.

Since learning of the vulnerability, the Woocommerce team has worked around the clock to ensure that a fix has been put in place, and our users have been informed.

Leave a Reply

Your email address will not be published. Required fields are marked *