The WooCommerce plugin for the WordPress content management system has been updated to patch a serious vulnerability that could be exploited without authentication. The vulnerability has yet to receive a tracking number but its severity score has been calculated at 8.2 out of 10 by Patchstack, a company that protects WordPress sites from plugin vulnerabilities. Administrators are urged to update to the latest release of the platform as the flaw affects more than 90 versions starting with 5.5.0. The plugin has more than five million installations.
Source: https://www.bleepingcomputer.com/news/security/woocommerce-fixes-vulnerability-exposing-5-million-sites-to-data-theft/