Authentication Bypass and Privilege Escalation attack

  • Resolved 8BitPixel

    (@8bitpixel)


    2 years, 9 months ago

    Hello,
    I manage a few WooCommerce sites and I’ve seen this pop up in several of the security logs.

    <country> was blocked by firewall for WooCommerce Payments <= 5.6.1 Authentication Bypass and Privilege Escalation at <website URL>
IP: <source attack IP> Hostname: <source attack IP>
Human/Bot: Human
Mozilla/5.0 (windows NT 10.0: WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/6.1.303 5.111

    I’ve been in touch with WooCommerce Support and they have suggested I contact WordFence support.. so here I am!
    I am just checking if this is something to be concerned about or is it a false-positive?

    Thanks in advance.
    8BP

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    2 years, 9 months ago

    Hi @8bitpixel,

    This is a log entry detailing that the firewall successfully blocked a genuine attack. The attempt may have worked if Wordfence hadn’t been protecting the site, depending on whether you have the vulnerable version of WooCommerce Payments installed.

    Naturally, ensure the plugin is up-to-date as it’s now patched, but aside from this there’s no further action to take.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)

The topic ‘Authentication Bypass and Privilege Escalation attack’ is closed to new replies.