Critical Vulnerability Patched in WooCommerce Upload Files

Please note that this is a separate plugin from the main WooCommerce plugin and is designed as an add-on to that plugin.

All of our current clients are protected against this vulnerability.

The threat researchers at WordFence detailed a critical 0-day vulnerability in the WooCommerce Upload Files plugin that would have allowed attackers to infect and completely take over a website. This vulnerability has been patched in version 59.4, and we recommend that all users update to the latest version of the plugin as soon as possible, which is 60.1 at the time of this writing.

Full article at:

Posted in Updates.