Important Security Update for WooPayments: Everything You Need to Know
At Masters of WordPress, we’re always on the lookout for essential updates and news that could affect your WordPress and/or WooCommerce experience. Today, we want to share with you a significant security update for WooPayments (previously known as WooCommerce Payments).
What’s the Update About?
It acts to eliminate a potential vulnerability that might, under unique circumstances, let a Woo shopper alter their order status without conducting an actual payment. Before you panic, let us reassure you that WooCommerce found no evidence suggesting that this vulnerability was exploited. Diligent internal testing led to the discovery of this potential vulnerability, and an immediate security update was crafted immediately.
A Little Bit of Background
In July 2023, WooCommerce Payments underwent a rebranding to “WooPayments.” Thus, you might encounter it under either name in your dashboard.
Is Your Version Secure?
To address this issue, a new set of WooPayments versions has been released, removing the vulnerability. Any extension version listed below or higher than 6.2.1 is secured:
What Steps Do You Need to Take?
If you’re hosted by Automattic (including Woo Express, WordPress.com, or Pressable), rest easy! The extension is already being updated or has been updated to remove the vulnerability.
If you’re not hosted by Automattic, here’s what you need to do:
Check Your Version: Navigate to your site’s WP Admin dashboard, click on Plugins, and look for WooPayments in your extensions. Ensure you’re using a secure version.