XSS Vulnerability in WooCommerce Product Vendors Plugin

WooCommerce News and Updates

On August 31, 2017, it was discovered that WooCommerce fixed a cross site scripting vulnerability in its popular ‘Product Vendors’ plugin—a premium WordPress plugin for WooCommerce used on 28% of all WooCommerce stores.

Update to 2.0.36 Immediately

The latest version of the ‘Product Vendors’ plugin is 2.0.40, but if you are using the older version 2.0.35 it is recommended you immediately update to 2.0.36. You can read more about this vulnerability on the Wordfence blog.

Purrly Digital Clients Not Affected

None of Purrly Digital’s maintenance clients were affected and if you are one of our maintenance clients, you can rest assured, we update client sites and plugins to the latest, most secure version.

If you are interested in having Purrly Digital take care of WordPress maintenance for you, please visit our pricing page to learn more about our maintenance services.

Related Posts

WordPress News
Security Update: WordPress 4.9.1
WordPress 4.9.1 was released on November 29, 2017 and It is recommended that you update as soon as possible. It is recommended that you update as soon as possible because this release addresses four security issues.
WordPress News
Security Update: WordPress 4.8.3
WordPress has released 4.8.3 which includes a security update. If you have a WordPress site, it is strongly encouraged that you update immediately.
Back To Top