WordPress Security Update Impacts WooCommerce and Other eCommerce Plug-Ins

WordPress has releases a security update that is available as WordPress 4.7.3.

This update includes fixes to some vulnerabilities that can impact WordPress sites running eCommerce plug-ins such as WooCommerce.

In short here are the most important security fixes:

1. Cross-site scripting (XSS) via media file metadata.
2. Control characters can trick redirect URL validation.
3. Unintended files can be deleted by administrators using the plugin deletion functionality.
4. Cross-site scripting (XSS) via video URL in YouTube embeds.
5. Cross-site scripting (XSS) via taxonomy term names.
6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources.

As with any update, we strongly encourage you to update a test or staging site first to test to make sure your site is running well.

Of course a proper backup should be made prior to any update.

Check out the source link below for more information on this WordPress Security Update.

Let us know if you encountered any issues with updating to the WordPress 4.7.3. with any eCommerce plug-ins.

Connect With Us And Other Small Business Owners

Please head over to our Facebook Group for Small Business Sellers and interact with other small business owners.

Follow us on Facebook, Twitter, and LinkedIn to stay up to date with relevant news and business insights for your online business.