Security Issue in Woocommerce 3.4.5
Woocommerce vulnerability – make sure you have updated
A recently published vulnerability in Woocommerce version 3.4.5 could allow attackers to take over an account with the Shop Manager role and gain full Admin privileges.
This flaw has been fixed in Woocommerce 3.4.6 and you are advised to update at the earliest opportunity.
The latest release for Woocommerce is 3.5.1 which as a major release, should be tested for compatibility with your website theme and plugins before upgrading.
We are testing and updating all customer websites with a website management plan with 3.5.1 currently.