WooCommerce sellers generally use the YITH WooCommerce Gift Cards Premium to promote gift card sales through their websites. A recent critical flaw has allowed hackers to upload files, including web shells, to sites installed with the plugin, giving them complete control over the website. The plugin has over 50,000 installs worldwide, making the unauthorized attack prevalent. Experts have termed the flaw CVE-2022-45359 (CVSS v3: 9.8), affecting the plugin versions until 3.19.0. Versions 3.20.0 and 3.21.0 have security updates, and experts advise WooCommerce merchants to update these safer versions. WordPress security experts at Wordfence explain that the hackers are targeting sites running on older, outdated versions through upload backdoors on the sites, and remote code execution, to take over the platforms.
Critical Flaw Identified in YITH WooCommerce Gift Cards Premium Plugin
Recent Blogs
- Which Agency Can Fix a WooCommerce Checkout Not Working: A Practical Hiring Guide
- How To Redesign Your eCommerce Website In 2026: The Ultimate Guide
- How Food & Beverage Stores Can Improve Online Conversion Without Discounting
- How AI Is Shrinking the Skill Gap in eCommerce Development
- WooCommerce SEO Made Easy: A Step-by-Step Guide to Ranking #1 on Google
Most Popular Blogs
- Top eCommerce Platforms for Emerging Startups and Businesses in 2024
- WooCommerce Vs. Magento Vs. BigCommerce Vs. Shopify: A Comprehensive Comparison Guide (Updated 2024)
- How to Migrate Your Subscriptions to WooCommerce?
- What You Need to Know About Cross-border eCommerce in 2025
- Why AMP? Benefits, Limitations & Next Step
Is Your eCommerce Store Ready for the Google Core Web Vitals Update?
Unoptimized websites will lose 70% traffic. Don't let this update KILL your eCommerce business!
Talk to ExpertsAny questions?
Related Platforms
Our Locations
Recent Case Studies
-
November 20, 2025B2B eCommerce Setup for The Fruitful Grind
Summary The Fruitful Grind wanted to strengthen its wholesale business by creating a dedicated buying experience for retailers and multi-location cust ...
Read More -
November 17, 2025
Multi-Storefront Migration for a Communications Accessories Brand
Summary Klein Electronics, a communications accessories company, had recently acquired another ecommerce brand. They wanted to keep both brands operat ...
Read More -
August 18, 2025End-to-End Drupal 10 Upgrade for a Digital Medical Education Platform
Summary ScholarRx engaged Virtina to upgrade its mission-critical education platform from Drupal 8 to Drupal 10. The initiative required a full-scale ...
Read More -
August 05, 2025
BigCommerce App Integration for a Video Commerce Solution
Summary Firework is a global shoppable video and live commerce leader, turning static storefronts into immersive, conversion-focused experiences. The ...
Read More
