CRITICAL VULNERABILITY in woodmart code

There is a critical vulnerability in your woodmart core files. We need an urgent patch!

Vulnerability Information: https://www.wordfence.com/threat-intel/vulnerabilities/id/60f043e9-7947-4fff-a9a8-94a1f421db7c?source=plugin (opens in new tab)
Vulnerability Severity: 9.8/10.0 (Critical)

hello Ddeveloper please check urgently it very serious issue

https://www.wordfence.com/threat-intel/vulnerabilities/id/60f043e9-7947-4fff-a9a8-94a1f421db7c?source=plugin

Hello,

Please insert the site admin access into the Private content below the message area. We will take a closer look at the case.

We will get back to your asap.

Best Regards

I have no need to insert the admin access as this is your template with the same files as you use on your test environment. So please just check your end and the report which I attached in previous post.

Pleas read message in private area

Hello,

Make sure that you are running the latest version of the theme. Also, the WoodMart core plugin needs to be updated to the latest version 1.0.39 too. You can do this in WoodMart -> Plugins.

Kind Regards

Hello,

Both our sites running your theme were hacked due to your plugin vulnverability. We have traced it back to this through virus checkers. I have spent days trying to clear this up due to this vulnerability. What makes this worse is that you did not even notify your existing customers that your plugin was compromised, and it took you more than a day to reply after I first notified you.

I now have a problem of a tracking link being loaded on our site which I need your help to remove. Details in private area.

Hello,

We released the update with the fix before the vulnerability where publicly disclosed. An email about the update was sent by Envato. Unfortunately, we are not able to modify its content but we mentioned that this update is critically important in all our changelogs.

Kind Regards

[Author]

Posts