• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
iGuRu

iGuRu

Real-time Technology News. Opinions & Tweaks

  • / news
  • / infosec
  • / tools
  • / tweaks
  • / dummies
  • / opinions
  • / support
  • / yourpost
home / News / Hackers attacked the WordPress WooCommerce Store

Hackers attacked the WordPress WooCommerce Store

24/08/2020 14:23 by Anastasis Vasileiadis

Hackers try to exploit SQL injection vulnerabilities as well as vulnerabilities in scripting security (XSS) in woocommerce a WordPress plugin with more than 30.000 installations.

Discount Rules for WooCommerce is a plugin that makes it easy to manage product prices in WooCommerce online stores.

Screenshot 2020 08 24 WordPress WooCommerce stores under attack patch now - Hackers attacked WordPress WooCommerce Store

The security vulnerabilities identified and reported by WebARX could allow intruders to possibly execute remote code in vulnerable addresses and with administrator privileges.

WebARX reported vulnerabilities to the plugin development team on August 7th, and in less than a week, on August 13th, version 2.1.0 updated the code for these vulnerabilities.

Based on Jong's analysis of these vulnerabilities, they could allow attackers without authentication to retrieve a list of all users and coupon codes, enter the admin page with XSS, and run remote code.

WordPress E Commerce Websites Are Under Attack - Hackers Attack WordPress WooCommerce Store

At least 17.000 online stores are exposed to attacks

The developer of the plugin repaired the vulnerabilities on August 13th.

Despite this, the plugin has been downloaded over 12.000 times in the last 7 days based on the download history provided by the WordPress page. With these numbers representing the total number of updates and new installations.

This means that at least 17.000 WordPress pages that use WooCommerce, and have the plugin enabled, are still exposed to constant attacks.

Hackers attacked the WordPress WooCommerce Store was last modified: August 24, 2020, 2: 23 mm by Anastasis Vasileiadis

spread the news

  • Facebook
  • Twitter
  • Reddit
  • Printing
  • Email

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News


Competition: Newstag: Discount Rules, WooCommerce

You May Also Like

Tails Project: Tails 4.15 anonymity on the internet
LibreOffice 7.1.0 prerelease has just been released
Papaki collaboration with the Institute of Technology and Research

About Us Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Previous Post: « Wacker: Breaking WPA3 using dictionary
Next Post: Firefox 80.0 download before official release »

Reader Interactions

Comment Policy:

IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators


Leave your comment
Ακύρωση απάντησης

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *

 

 © 2021 · iGuRu.gr · ☢ · Keep It Simple Stupid Genesis theme

about  ·   get in touch  ·  rss  ·  sitemap  ·  cough

loading Cancel
Could not post post - check your email address!
Email verification failed, please try again
Your blog can not post posts via email.