(The Hosting News) – Future Hosting, a specialized VPS hosting and dedicated server hosting provider, has warned users of the popular WordPress WooCommerce eCommerce plugin to update as soon as possible. A vulnerability in the plugin may allow attackers to access files that contain sensitive information that could put sites at risk of data loss or malware infection.
The security weakness, which was discovered and reported by researchers at security company Sucuri on June 10, 2015, leverages an object injection vulnerability present in WooCommerce. Only sites with WooCommerce’s PayPal Identity Token option activated are vulnerable.
Owners of vulnerable sites should update to the most recent version of the WooCommerce plugin, which includes a patch that fixes the problem.
Read the full story here.