The Wordfence Threat Intelligence team has identified a critical-severity vulnerability in the WooCommerce Payments plugin that could allow an unauthenticated attacker to take over a website. The vulnerability has been patched in the latest version, 5.6.2, to which users should update immediately.

The vulnerability was caused by a flaw in the plugin’s authentication system that allowed an attacker to impersonate an administrator and gain full control over a website without any user interaction or social engineering. The Wordfence team developed a Proof of Concept and released a firewall rule on March 23, 2023, to protect their premium customers.

The WooCommerce Payments plugin is widely used, with over 500,000 installations, so this vulnerability is a significant threat. Wordfence advises all users to update to version 5.6.2 immediately to ensure the security of their websites.

It has not yet been confirmed whether the vulnerability in the plugin was discovered by the developer or by an external source. It is also unknown whether anyone is exploiting the flaw for malicious purposes, but the Wordfence team foresees a significant increase in attacks once cybercriminals are able to access the Proof of Concept.

If your website has Wordfence Premium, Wordfence Care, or Wordfence Response installed, your website should already be protected by the firewall rule released on March 23, 2023. If your site is running the free version of Wordfence, the rule will become available on April 22, 2023.

It is recommended that this information be forwarded to colleagues and friends who may be using the WooCommerce Payments plugin on their website. If you believe your site has been compromised, don’t worry – KeyTech have you covered with our professional and reliable website cleaning services.

We care about your business and the safety and security of your website, so please do not hesitate to reach out to us if you ever need assistance. We’re always here to help with a knowledgeable and friendly approach.
