WooCommerce recently discovered a critical vulnerability in its plugin, and outdated WooCommerce stores are still vulnerable. Your online store may have had a data breach.
This vulnerability affected all WooCommerce sites running versions 3.3 through 5.5, and data could have been compromised. However, WooCommerce acted quickly to secure this vulnerability and prevent any further sites from being affected.
I have a WooCommerce site – What should I do?
To secure your WooCommerce site, update to a newer version immediately. If you cannot update to the latest version, you could, for example, go from V3.3 to V3.4.
After updating to a patched version, we also recommend:
- Updating the passwords for any Admin users on your site.
- Removing any spam WordPress user accounts that aren’t actual users (this isn’t required, but I often recommend doing this).
- Refreshing any Payment Gateway and/or WooCommerce API keys used on your site.
How can I see if my WooCommerce Store was affected?
Currently there is no definitive way to know for certain whether your site has been exploited, but there are ways to find out if it may have been.
Reach out to your hosting support team to see if any of the following IP addresses have been accessing (or trying to access) your site since December 2019:
137.116.119.175
162.158.78.41
103.233.135.21
If these IP addresses are in your logs, I recommend changing your admin information and using https://haveibeenpwned.com/ to see if your email or password is on a breached list. If it is, change it immediately everywhere that password has been shared.
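If you have access to the raw access logs yourself, the check above can be scripted. The following is an added example, not code from WooCommerce or from this article's author; it assumes Apache/Nginx "combined" log format, and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# IP addresses listed in the article above.
WATCHLIST = {"137.116.119.175", "162.158.78.41", "103.233.135.21"}
# The article says to look at traffic since December 2019.
SINCE = datetime(2019, 12, 1, tzinfo=timezone.utc)

# Assumed "combined" format: client IP, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def scan(lines, watchlist=WATCHLIST, since=SINCE):
    """Return {ip: {"hits", "first", "last", "requests"}} for watched IPs."""
    report = defaultdict(
        lambda: {"hits": 0, "first": None, "last": None, "requests": set()})
    for line in lines:
        m = LINE_RE.match(line)
        # Compare the whole client field; a substring search would also
        # flag look-alikes such as 103.233.135.210.
        if not m or m["ip"] not in watchlist:
            continue
        try:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue  # malformed timestamp: skip the line
        if ts < since:
            continue
        e = report[m["ip"]]
        e["hits"] += 1
        e["first"] = ts if e["first"] is None else min(e["first"], ts)
        e["last"] = ts if e["last"] is None else max(e["last"], ts)
        e["requests"].add((m["method"], m["path"], int(m["status"])))
    return dict(report)

# Constructed sample lines (not real traffic).
SAMPLE = [
    '137.116.119.175 - - [14/Jul/2021:03:12:45 +0000] "GET /shop/ HTTP/1.1" 200 5120 "-" "-"',
    '137.116.119.175 - - [15/Jul/2021:09:01:10 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"',
    '103.233.135.210 - - [15/Jul/2021:09:02:00 +0000] "GET / HTTP/1.1" 200 900 "-" "-"',
    '162.158.78.41 - - [02/Nov/2019:11:00:00 +0000] "GET / HTTP/1.1" 200 900 "-" "-"',
    '198.51.100.7 - - [16/Jul/2021:10:00:00 +0000] "GET /?ref=103.233.135.21 HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for ip, e in scan(SAMPLE).items():
        print(ip, e["hits"], e["first"], e["last"], sorted(e["requests"]))
```

If your site sits behind a CDN or reverse proxy, the first field of each log line may hold the proxy's address rather than the visitor's, so check which field your server records the real client IP in.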
I’m in over my head, I need help!
Here at Arctek Technologies, we offer affordable WordPress and WooCommerce maintenance plans, through which our experienced team may help check if your site has been exploited and continue to ensure that your site’s security and overall site health are running smoothly.
For a full report and update regarding this exploit, be sure to read the official WooCommerce announcement.