On March 22, 2023, a vulnerability was discovered within WooCommerce Payments that, if exploited, could permit unauthorized admin access to impacted stores. We immediately deactivated the impacted services and mitigated the issue for all websites hosted on WordPress.com, Pressable, and WPVIP. The vulnerability was reported by Michael Mazzolini of GoldNetwork, who was conducting white-hat testing […]