Discount plugins built into ecommerce sites flaws uncovered

Walden Systems Geeks Corner News Discount plugins built into ecommerce sites flaws uncovered Rutherford NJ New Jersey NYC New York City North Bergen County
Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.

Websites that are built on top of WordPress and WooCommerce platform have seen a rise in exposure to attacks from hackers. Security professionals have recently uncovered vulnerabilities in a discount plugin used in e-commerce websites. A discount plugin is a third-party vendor software that allows web-administrators of the website to create discounts on their products.

The software bugs were discovered by security professionals researching Discount Rules for WooCommerce. The discount-plugin has been installed on over 30,000 websites. This allows website owners of e-commerce websites to create various types of discount for the products being sold online. The exposure to these vulnerabilities have led to an increase in attacks on websites that have the plugin installed.


The manufacturer of the plugin has fixed the flaw once it was identified. The difficult part is letting web-administrators know how to update to a newer version of the plugin and to convince them that it is also safe. The bugs consisted of SQL-injections, stored cross-site scripting and authorization attacks. Once hackers identify which websites are compromised, they then proceed to break in with ease.

These vulnerabilities allow hackers to inject malicious payloads into the e-commerce websites and execute unauthenticated arbitrary code stealing customers data. Since hackers can inject any malicious code into the website they can force visiting customers to be redirected to their own webpages. These compromised web pages often contain other viruses and malwares that can infect users' computers.

Web-administrators often cite that dealing with website security is one of their most difficult jobs. Studies conducted show that web professionals are increasingly concerned about security. Nearly half of web developers are seeing increased attacks on their website. These attacks leave users that visit their websites exposed to viruses and malwares.