We have had an increase in reports about this bot from folks in the WooCommerce community over the past few weeks, which leads us to believe that there may be a new (or renewed) attack happening. The WooCommerce core team discovered this vulnerability as a result of an attack from a bot that was creating spam orders and, by way of the aforementioned vulnerability, WordPress user accounts that it could use for probing a site for further vulnerabilities. ![]() In November of 2020, we shared an advisory for developers encouraging them to update to the latest version of WooCommerce due to a vulnerability we had recently addressed in the account creation flow. ![]() ![]() Stores without any anti-spam or antifraud measures in place may see an increase in spam orders due to a renewed attack from a bot probing sites for vulnerabilities.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |