skip to Main Content
XSS Vulnerability In WooCommerce Product Vendors Plugin

On August 31, 2017, it was discovered that WooCommerce fixed a cross site scripting vulnerability in its popular ‘Product Vendors’ plugin—a premium WordPress plugin for WooCommerce used on 28% of all WooCommerce stores.

Update to 2.0.36 Immediately

The latest version of the ‘Product Vendors’ plugin is 2.0.40, but if you are using the older version 2.0.35 it is recommended you immediately update to 2.0.36. You can read more about this vulnerability on the Wordfence blog.

Maje Media Clients Not Affected

None of Maje Media’s maintenance clients were affected and if you are one of our maintenance clients, you can rest assured, we update client sites and plugins to the latest, most secure version.

If you are interested in having Maje Media take care of WordPress maintenance for you, please visit our pricing page to learn more about our maintenance services.

Back To Top