Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation.

Automattic, the company behind the WordPress content management system, is force installing a security update on hundreds of thousands of websites running the highly popular WooCommerce Payments for ...

A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce. Up to 4 million online merchants who use the popular WooCommerce ...