Announcement

Collapse
No announcement yet.

Notice of Vulnerabilities from Imunify360 for WooCommerce on cPanel

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Notice of Vulnerabilities from Imunify360 for WooCommerce on cPanel

    We recently received a notice from Imunify360 regarding vulnerabilities in WooCommerce version 8.1.1 (PRION:CVE-2021-32790) on our server. However, the vulnerabilities mentioned are dated from 2021.
    We were wondering if this is a bug or if action is needed on our end to address these vulnerabilities?
    Tags: None
  • #2
    Hi,
    To provide you with a more accurate answer, would you please share the notice in question?

    Comment

    • #3
      Originally posted by alevchenko View Post
      Hi,
      To provide you with a more accurate answer, would you please share the notice in question?
      Dear Administrator,

      This message is to provide you important information regarding web server security. Please note that the following software in your environment is considered to be outdated or vulnerable:
      • woocommerce version 8.1.1 that is located at /home/REDACTED/public_html/staging has vulnerability(s):
      • PRION:CVE-2021-32790
      • woocommerce version 8.1.1 that is located at /home/REDACTED/public_html has vulnerability(s):
      • PRION:CVE-2021-32790
      • woocommerce version 8.1.1 that is located at /home/REDACTED/public_html has vulnerability(s):
      • PRION:CVE-2021-32790
      • woocommerce version 8.1.1 that is located at /home/REDACTED/public_html/staging has vulnerability(s):
      • PRION:CVE-2021-32790
      • woocommerce-direct-checkout version 3.2.4 that is located at /home/REDACTED/public_html/staging is outdated
        The recommended for use version of this software is 3.2.5

      1 more items found.

      Please do the following:
      • Option 1: Make sure WordPress administrator(s) responsible install the necessary updates.
      OR
      • Option 2: Upgrade from ImunifyAV to Imunify360 to cut down the risks that come with outdated software.

      If you have any questions, please contact our support team.

      All the best,
      Imunify360 Security Team
      Manage subscriptions
      The system generated this notice on Sunday, October 1, 2023 at 4:58:12 AM UTC.

      “Imunify::Generic” notifications are currently configured to have an importance of “High”. You can change the importance or disable this type of notification in WHM’s Contact Manager at: (redacted)

      Do not reply to this automated message.

      Copyright© 2023 cPanel, L.L.C.

      Comment

      • #4
        Hello,

        Consulted with our specialized team and was informed that this has been already addressed to the developers for investigation (for checking WooCommerce CVE-2021-32790).

        There is no ETA for now as such tasks can be researched for weeks so I'd recommend monitoring our changelog https://changelog.imunify.com/

        Comment

        • #5
          Greetings,

          In regard to the CVE-2021-32790, this Woocommerce plugin vulnerability was covered on July 16, 2021 with rule 77316858.
          We also recommend keeping your plugins, themes and core updated.​

          Comment

          Previous template Next
          Working...
          X