Critical SQL Injection Vulnerability Patched in WooCommerce

If you run a WooCommerce store on your site you may not see this update in this month’s report. That’s because this one was critical enough that WordPress made the rare decision to “push” the update as soon as it was available. Trust us, all our WooCommerce sites are safe and up to date!

WooCommerce is the leading e-Commerce platform for WordPress and is installed on over 5 million websites. Additionally, the WooCommerce Blocks feature plugin, installed on over 200,000 sites, was affected by the vulnerability and was patched at the same time.

Stories at and

Posted in Vulnerability.