Security News > 2020 > August > WordPress Sites Targeted via Vulnerabilities in WooCommerce Discounts Plugin
The owners and administrators of e-commerce websites powered by WordPress and the WooCommerce platform have been warned of attacks exploiting vulnerabilities discovered recently by researchers in a discounts plugin.
The flaws were identified on August 7 by researchers at web security company WebARX in Discount Rules for WooCommerce, a plugin that has been installed on over 30,000 websites and which allows users to create various types of discounts for their products.
It's now important that website administrators update the plugin as WebARX says it has been seeing attacks exploiting the vulnerabilities.
WebARX told SecurityWeek that an attacker looking to exploit the vulnerabilities would first have to crawl the internet for affected WordPress websites by looking for the "Woocommerce" string in their source code.
The top challenges cited by professionals when dealing with website security were lack of knowledge, blocking and preventing attacks, plugin and third-party code vulnerabilities, software updates, and client education.