Security
Service Updates

Jan 17, 2018 • 1 min read

7 comments

IMPORTANT: YITH WooCommerce Wishlist Protection Added

Тoday, a serious vulnerability issue with one of the vastly used Yith plugins – the WooCommerce Wishlist was discovered by Sucuri. The latest plugin version – 2.2.0 patches the vulnerability but all versions prior to it are at risk. To protect our customers, who haven’t updated their plugin, our security team started working immediately and a WAF rule was just applied on our servers.

We’re very proud of our internal WAF (Web Application Firewall) system that protects all SiteGround shared and cloud servers. It allows us to dynamically add different rules across our network and block hacking attempts. The moment we got notified about the issue with the YITH WooCommerce Wishlist plugin, our security team started working on the case. We’ve managed to come up with a rule, that shields you against potential attacks utilizing this vulnerability. Although this does not patch the problem in its core, we’ve added protection against those, who try to utilize it. This said, we urge you to update to the latest plugin version, which includes the official patch for this vulnerability.

Access email sent!

Sign Up For
More Awesome Content!

Subscribe to receive our monthly newsletters with the latest helpful content and offers from SiteGround.

Thanks!

Please check your email to confirm your subscription.

Hristo Pandjarov

Product Innovation Director

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

Comments ( 7 )

author avatar

Aleksey

Jan 19, 2018

Thanks for your work guys! You, being so proactive, gives me a great feeling of being protected by my hosting company!

Reply
author avatar

Adam

Jan 24, 2018

Thank you Siteground! Don't know what I'd do without you guys haha

Reply
author avatar

Brian

Jan 24, 2018

This is great! I just recently started using a YITH plugin so I'm going to start researching its security...

Reply
author avatar

Tomasz

Jan 26, 2018

Wow, excellent, and good you communicate it directly on the dashboard, otherwise i wouldn't see it. THX Siteground!

Reply
author avatar

Paul Morgan

Jan 27, 2018

I came from Fashosts to Siteground, the difference between the two companies is astonishing. So glad I made the move. After constant hosting errors to a fast loading website. Now I see your firewall precautions for all your hosts, this was never part of my Fasthost account. I feel my websites are so much safer now, huge thanks.

Reply
author avatar

Mirco B

Mar 12, 2018

What about the dedicates? Only shared / cloud are patched?

Reply
author avatar

Hristo Pandjarov Siteground Team

Mar 13, 2018

On dedicated servers we don't have our WAF installed since the majorify of our customers have custom setups there.

Reply

Start discussion

Add comment