From blog.sucuri.net
On March 22nd, 2023 a critical vulnerability was discovered within the WooCommerce Payments plugin – an extremely popular eCommerce payment plugin for WordPress with over half a million active installations. Thankfully the vulnerability was discovered by white hat security researcher Michael Mazzolini and responsibly disclosed through HackerOne, giving websites time to install the patched version 5.6.2 before full details of the exploit are released on April 6th.