On the evening of Wednesday 14th July a critical security vulnerability in the leading WordPress e-commerce plugin, Woocommerce, was reported.
Woocommerce report: https://woocommerce.com/posts/critical-vulnerability-detected-july-2021
Whilst no attempts to exploit this vulnerability in the wild have been seen it’s likely hackers will jump at chance to use this exploit before more sites are patched.
All managed GorillaHub clients running Woocommerece were patched by 1000 on Thursday 15th.
| Cookie | Duration | Description |
|---|---|---|
| __stripe_mid | 1 year | Stripe sets this cookie cookie to process payments. |
| __stripe_sid | 30 minutes | Stripe sets this cookie cookie to process payments. |
| cookielawinfo-checkbox-advertisement | session | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| CookieLawInfoConsent | session | Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie. |
| PHPSESSID | session | This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed. |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
| Cookie | Duration | Description |
|---|---|---|
| yt-player-headers-readable | never | The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience. |
| yt-remote-cast-available | session | The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player. |
| yt-remote-cast-installed | session | The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video. |
| yt-remote-connected-devices | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
| yt-remote-device-id | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
| yt-remote-fast-check-period | session | The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos. |
| yt-remote-session-app | session | The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player. |
| yt-remote-session-name | session | The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video. |
| ytidb::LAST_RESULT_ENTRY_KEY | never | The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future. |
| Cookie | Duration | Description |
|---|---|---|
| _ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
| _ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
| _gat_gtag_UA_86428731_4 | 1 minute | Set by Google to distinguish users. |
| _gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
| sbjs_current | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_current_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_first | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_first_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_migrations | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_session | 1 hour | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| sbjs_udata | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
| Cookie | Duration | Description |
|---|---|---|
| test_cookie | 15 minutes | doubleclick.net sets this cookie to determine if the user's browser supports cookies. |
| VISITOR_INFO1_LIVE | 6 months | YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface. |
| VISITOR_PRIVACY_METADATA | 6 months | YouTube sets this cookie to store the user's cookie consent state for the current domain. |
| YSC | session | Youtube sets this cookie to track the views of embedded videos on Youtube pages. |
| Cookie | Duration | Description |
|---|---|---|
| m | 2 years | No description available. |
