WordPress's WooCommerce Fixes SQL Injection
WordPress's WooCommerce Fixes SQL Injection #1
Looks like input sanitization practices are still bad, even though it's 2021. Many websites run this plugin and it's likely that a good portion still need to be updated.

Quote: WooCommerce, the popular e-commerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication.

Administrators are urged to install the latest release of the platform as the flaw affects more than 90 versions starting with 5.5.0.

Owned by Automattic, the company behind the WordPress.com blogging service, the WooCommerce plugin has more than five million installations.

Read More: https://www.bleepingcomputer.com/news/se...ata-theft/

RE: WordPress's WooCommerce Fixes SQL Injection #2
Quote: Looks like input sanitization practices are still bad, even though it's 2021
It's the very first thing that should be implemented to help protect against SQLi.

You'd think in this day and age, it'd be standard practice with entities who operate on a medium to large scale.

RE: WordPress's WooCommerce Fixes SQL Injection #3
That will stop the majority of automated hacks but the cleverer targeted hacks are a little harder to stop.

RE: WordPress's WooCommerce Fixes SQL Injection #4
After all it is a free service, you get what you pay for. You would think that software/plugin security would be a top priority considering it's an e-commerce platform. SMH
Telegram: pjspooky
Discord: 99xyz
Kik: tweaker

RE: WordPress's WooCommerce Fixes SQL Injection #5
I'm not really surprised after seeing developers who still save passwords without hashing in the database.
Die  But Don't Lie
“Oh Abu Dharr! Don’t look at the smallness of the sin but look at the one you disobeyed.” Prophet Muhammad (pbuh)

RE: WordPress's WooCommerce Fixes SQL Injection #6
(07-25-2021, 06:54 PM)Alex1759 Wrote: That will stop the majority of automated hacks but the cleverer targeted hacks are a little harder to stop.
Yes, it certainly will not prevent exploitation in its entirety, but any form of protection is better than nothing at all.