Immediate Patch Required | WordPress.org

Resolved idayras
(@idayras)

10 months, 3 weeks ago

Hello everyone! I have received an email from no-reply@woocommerce-secure.com saying that “We are contacting you about a critical security vulnerability detected in the WooCommerce platform on April 28, 2025.
Warning: Our recent security scan, carried out on May 5, 2025, has validated that this critical vulnerability directly impacts your website: my site”

Recommends that I download a patch to install on my website.

Is this email secure?

Viewing 4 replies - 1 through 4 (of 4 total)

Moderator Support Moderator
(@moderator)

10 months, 3 weeks ago

Sounds fishy to me. If there is an update for Woo, it will be *here* and not on some other site.

Jonayed (woo-hc)
(@jonayedhosen)

10 months, 3 weeks ago

Hi @idayras ,

Thanks for reaching out.

It looks like that email might be part of a phishing scam. WooCommerce hasn’t sent any official statement like the one you mentioned, and we’ve recently identified a phishing campaign targeting store owners with fake warnings about security vulnerabilities.

These emails are designed to look legitimate but contain false information — there’s no real vulnerability as claimed. You can find more details and safety tips in our advisory here: https://developer.woocommerce.com/2025/04/22/dev-advisory-phishing-campaign-targeting-woocommerce-stores/

I hope this clears things up!

Thread Starter idayras
(@idayras)

10 months, 3 weeks ago

ok, thank you!

Jonayed (woo-hc)
(@jonayedhosen)

10 months, 3 weeks ago

Hi @idayras ,

I’m really glad we were able to point you in the right direction!

If you have a moment, we’d really appreciate it if you could share your experience by leaving us a review: https://wordpress.org/support/plugin/woocommerce/reviews. Your feedback helps us keep improving!

Please don’t hesitate to create a new topic if you need further assistance.

Cheers!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Immediate Patch Required’ is closed to new replies.

5 replies
3 participants
Last reply from: Jonayed (woo-hc)
Last activity: 10 months, 3 weeks ago
Status: resolved