Researchers have published details of a dangerous flaw in the way the hugely popular WooCommerce plugin interacts with WordPress that could allow an attacker with access to a single account to take over an entire site. WooCommerce’s four million plus users were first alerted to the issue a few weeks back in the release notes for the updated version:

Read full news article on Naked Security