Thousands of WordPress WooCommerce stores potentially exposed to hack


Researchers from security firm WebArx reported that Hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin.

The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities.

Discount Rules for WooCommerce is a WordPress plugin that allows users to manage product pricing and discount campaigns on WooCommerce online stores. The plugin has more than 30,000 installations.

Read more…