Sí, en efecto, también alertamos mismo aviso. “WooCommerce <= 8.4.0 – Scripts entre sitios reflejados” que la versión Versión parcheada es la 8.5.0. la cuá aún no está disponible y llama la atención.
Hi @orangedam
This vulnerability has been fixed in version 8.4 of WooCommerce which is confirmed by the text here:
IMPORTANT: There was a miscommunication and error in this vulnerability record where we initially reported version 8.5.0 as patched, while 8.4.0 was still vulnerable. This issue was patched in version 8.4.0 and only affects versions up to 8.3.0. Please rest assured knowing you can update the plugin to version 8.4.0 and this issue will be patched.
I can also confirm from our side that this issue has indeed been addressed in WooCommerce 8.4.0.
WooCommerce 8.5.0 has been released and then retracted due to an unrelated issue. It will likely be re-released early next week, however, there’s no rush to update since version 8.4.0 is secure.
I hope this helps!
That is a good news, thanks!
Orangedam
Hi @orangedam,
I’m glad if we could point you in the right direction with this!
I’ll be marking this thread as resolved but feel free to create a new one if you have other questions!