It’s been a while since WooCommerce bumped the minimum PHP version of WooCommerce to 7.0, and the WooCommerce team believes that now is about time for a new bump. Starting with version 6.5, scheduled for release in May 2022, WooCommerce will require PHP 7.2 or newer to work.
WooCommerce has announced on its developer blog that there is a critical vulnerability in multiple versions of WooCommerce. This blog post will highlight what the vulnerability is and what this means for you going forward.
WooCommerce stores without any anti-spam or anti-fraud measures in place may see an increase in spam orders due to a renewed attack from a bot probing sites for vulnerabilities.
The WoocCommerce team has announced the release of WooCommerce 4.8, which is now publicly available! It has been in development since November 2020 and Core contributions include about 257 commits from 29 contributors.
Versions of WooCommerce prior to 4.6.2 contain a vulnerability that allows guest users to create accounts during checkout even when the “Allow customers to create an account during checkout” setting is disabled
WooCommerce 4.0 is a “major” release. This means that this version is not fully backwards compatible with sites running various versions of WooCommerce 3.x. Therefore, we recommend testing the upgrade on a staging site copy before upgrading your live store and creating a backup of your code and database.
When WooCommerce 3.9 is released in January, it will have new required versions of WordPress and PHP. Running WooCommerce 3.9 will require a site running WordPress 5.0 and PHP 7.0 or newer.
This past week WooCommerce developers have released version 3.4.6. This release patches a security issue for all previous versions and it’s strongly recommended that you to update your WooCommerce sites as soon as possible.