[SECURITY BREACH] WordPress plugins - WooCommerce Dynamic Pricing & Discounts

Roger Marquez

Jr. VIP
Jr. VIP
Joined
Apr 17, 2017
Messages
3,372
Reaction score
4,204
Website
bit.ly
What happened?
On August 19, 2021, it was brought to our attention that one of our WordPress plugins - WooCommerce Dynamic Pricing & Discounts - has a security vulnerability that allows unauthenticated export and import of plugin settings. Versions from 2.2 to 2.4.1 are affected. The bug was patched in version 2.4.2 which has been available since August 22, 2021.

On August 31, 2021, a security research team wrote a post on their blog covering this vulnerability. Since then, malicious actors have been looking for sites that are running outdated versions of the plugin and trying to exploit this vulnerability.

Source
 

cnick79

Jr. VIP
Jr. VIP
Joined
Jun 10, 2010
Messages
1,386
Reaction score
1,001
Website
www.gplcellar.com
…and people are worried about nulled plugins.

Just made sure I had the latest!
 
Last edited:
Top