WordPress Security Update Impacts WooCommerce and Other eCommerce Plug-Ins

WordPress has releases a security update that is available as WordPress 4.7.3.

This update includes fixes to some vulnerabilities that can impact WordPress sites running eCommerce plug-ins such as WooCommerce.

In short here are the most important security fixes:

  1. Cross-site scripting (XSS) via media file metadata.
  2. Control characters can trick redirect URL validation.
  3. Unintended files can be deleted by administrators using the plugin deletion functionality.
  4. Cross-site scripting (XSS) via video URL in YouTube embeds.
  5. Cross-site scripting (XSS) via taxonomy term names.
  6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

As with any update, we strongly encourage you to update a test or staging site first to test to make sure your site is running well.

Of course a proper backup should be made prior to any update.

Check out the source link below for more information on this WordPress Security Update.

Let us know if you encountered any issues with updating to the WordPress 4.7.3. with any eCommerce plug-ins.

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on email