{"id":6098,"date":"2021-07-15T05:33:50","date_gmt":"2021-07-15T05:33:50","guid":{"rendered":"https:\/\/musilda.cz\/?p=6098"},"modified":"2021-07-15T05:33:50","modified_gmt":"2021-07-15T05:33:50","slug":"vazna-zranitelnost-ve-woocommerce-a-woocommerce-blocks-pluginu","status":"publish","type":"post","link":"https:\/\/affinite.io\/cs\/vazna-zranitelnost-ve-woocommerce-a-woocommerce-blocks-pluginu\/","title":{"rendered":"V\u00e1\u017en\u00e1 zranitelnost ve WooCommerce a WooCommerce Blocks pluginu"},"content":{"rendered":"\n<p>P\u0159ed dv\u011bma dny byla ve WooCommerce a WooCommerce Blocks pluginu objevena z\u00e1va\u017en\u00e1 zranitelnost, jen\u017e umo\u017enuje kompromitovat web. Zranitelnost je natolik z\u00e1va\u017en\u00e1, \u017ee doch\u00e1z\u00ed k automatick\u00e9 aktualizaci WooCommerce nap\u0159\u00ed\u010d verzemi.<\/p>\n\n\n\n<p>V tuto chv\u00edli nen\u00ed jasn\u00e9, jak p\u0159esn\u011b m\u016f\u017ee b\u00fdt e-shop napaden, ani k jak\u00fdm dat\u016fm se m\u016f\u017ee \u00fato\u010dn\u00edk dostat. Jakmile WooCommerce uve\u0159ejn\u00ed n\u011bjak\u00e9 informace, dopln\u00edm \u010dl\u00e1nek. <\/p>\n\n\n\n<p>V tuto chv\u00edli jedin\u00e9 co m\u016f\u017eete ud\u011blat, je zkontrolovat, zda m\u00e1te na webu opravenou verzi. To zjist\u00edte <a href=\"https:\/\/developer.woocommerce.com\/releases\/\" target=\"_blank\" rel=\"noopener\">zde<\/a>, kde je seznam v\u0161ech aktualizac\u00ed. Pokud m\u00e1 va\u0161e verze datum vyd\u00e1n\u00ed 14.7.2021, tak je v\u0161e v po\u0159\u00e1dku. Star\u0161\u00ed verze pros\u00edm aktualizujte neprodlen\u011b. <\/p>\n\n\n\n<p>P\u0159i porovn\u00e1v\u00e1n\u00ed posledn\u00edch verz\u00ed, to vypad\u00e1 na probl\u00e9m v ProductQueryFilters, kde byl nahrazen k\u00f3d:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$attributes_to_count     = array_map( 'wc_sanitize_taxonomy_name', $attributes );<\/code><\/pre>\n\n\n\n<p>k\u00f3dem<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$attributes_to_count     = array_map(\n\t\t\tfunction( $attribute ) {\n\t\t\t\t$attribute = wc_sanitize_taxonomy_name( $attribute );\n\t\t\t\treturn esc_sql( $attribute );\n\t\t\t},\n\t\t\t$attributes\n\t\t);<\/code><\/pre>\n\n\n\n<p>a v souboru class-wc-webhook-data-store.php, kde byl k\u00f3d:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$search          = ! empty( $args&#091;'search'] ) ? \"AND `name` LIKE '%\" . $wpdb-&gt;esc_like( sanitize_text_field( $args&#091;'search'] ) ) . \"%'\" : '';<\/code><\/pre>\n\n\n\n<p>nahrazen k\u00f3dem:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$search          = ! empty( $args&#091;'search'] ) ? $wpdb-&gt;prepare( \"AND `name` LIKE %s\", '%' . $wpdb-&gt;esc_like( sanitize_text_field( $args&#091;'search'] ) ) . '%' ) : '';<\/code><\/pre>\n\n\n\n<p>Nev\u00e1hejte s aktualizac\u00ed, pokud se neprovedla automaticky. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>P\u0159ed dv\u011bma dny byla ve WooCommerce a WooCommerce Blocks pluginu objevena z\u00e1va\u017en\u00e1 zranitelnost, jen\u017e umo\u017enuje kompromitovat web. Zranitelnost je natolik z\u00e1va\u017en\u00e1, \u017ee doch\u00e1z\u00ed k automatick\u00e9 aktualizaci WooCommerce nap\u0159\u00ed\u010d verzemi. V tuto chv\u00edli nen\u00ed jasn\u00e9, jak p\u0159esn\u011b m\u016f\u017ee b\u00fdt e-shop napaden, ani k jak\u00fdm dat\u016fm se m\u016f\u017ee \u00fato\u010dn\u00edk dostat. Jakmile WooCommerce uve\u0159ejn\u00ed n\u011bjak\u00e9 informace, dopln\u00edm \u010dl\u00e1nek.<\/p>\n","protected":false},"author":1,"featured_media":8732,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,25],"tags":[],"class_list":["post-6098","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bezpecnost-wordpressu","category-woocommerce"],"_links":{"self":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/6098"}],"collection":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/comments?post=6098"}],"version-history":[{"count":0,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/6098\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media\/8732"}],"wp:attachment":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media?parent=6098"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/categories?post=6098"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/tags?post=6098"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}