WooCommerce 3.4.6 Security Update

·

·

WooCommerce 3.4.6 was released on October 11 with 3 fixes. One of the fixes is security related, therefore the update should be installed as soon as possible. The vulnerability is not very dangerous, because it only allowed Shop Manager to exceed their capabilities and perform malicious actions. Now Shop Managers can no longer edit all roles, if you want that your Shop Managers are able to edit roles, you have to add them in a whitelist.

The fixes

  • Security issues
  • Allow percent coupons with sale restrictions to apply to carts with sale items in them.
  • Prevent multiple slashing of variation’s SKU.

Remember to always backup before installing an update!

(Picture Courtesy of Yuri Samoilov)