Vulnerability in WordPress plugin TI WooCommerce Wishlist could allow full site takeover

Flaw in popular add-on allows any logged-in customer to achieve admin status

A critical vulnerability in a WordPress plugin with more than 70,000 active installations could grant an attacker full administrative access, including the ability to modify and takeover a site’s database.

The bug in TI WooCommerce Wishlist has been patched in the latest version (1.21.12). Users are being urged to update as soon as possible, as the vulnerability is currently being exploited in the wild.

Security researchers from NinTechNet described how a lack of a…

More Info


Check Also

GoDaddy Launches New WooCommerce Extensions for Managed WordPress Ecommerce Hosting

GoDaddy nearly doubles WordPress Ecommerce plugins available, including digital gift cards, Google Analytics Pro and …

Leave a Reply

Your email address will not be published. Required fields are marked *