Could it be your host? I know WP Engine is automatically updating these.
All Woo users received the forced update.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Thank you for the super quick response!
I have 2 sites with different hosting; both auto updated
1 site updated to v 5.5.1 (hosting A)
Other site updated to v 5.5.2 (hosting B)
I will reach out to them, but in the meantime… Is there really a v 5.5.2? Or should it all be v 5.5.1
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Forced to 5.5.1 or 5.5.2??
5.5.1 seems to be the latest version. I just did a download and looked at the version number.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Thank you – so does that mean my site is hacked when it shows Woocommerce Plugin v 5.5.2? (in your opionion)
Dunno; I’ve asked in the “backroom”. Do you have a plugin like WordFence installed you could use to scan your site?
There is no 5.5.2, so what I’d do:
1. backup everything.
2. via FTP or the file manager app of your hosting control panel, delete wp-content/plugins/woocommerce
3. download a new copy of woocommerce from here.
4. unzip locally.
5. Upload the resulting woocommerce directory back to wp-content/plugins (via FTP or your hosting control panel).
6. Run a scan on your site using WordFence.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Yes, I both WordFence and BlogVault Security on both sites and used both to scan and everything comes up “okay” – so I do not think they are hacked. But one was showing Woocommerce v 5.5.2 after the forced update (and still had the “update to 5.5.1” button showing as well). That one I clicked to “update to v5.5.1” (even though it said it was already at v 5.5.2; it successfully updated to v 5.5.1.
I am confused about the higher version showing after the forced update and still showing the “need to update to v 5.5.1” even though it was already showing a higher version as being active.
Any thoughts about that?
Thank you!
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Also, the site with WP Engine showed the forced update to v 5.5.1
the site with GoDaddy showed the forced update to v 5.5.2
Are you sure it wasn’t 5.4.2, not 5.5.2? Older versions also were updated.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
I am certain – I had previously updated them to the most recent version just a few days ago and then the Critical Vulnerability email came out and then I started getting the auto-update emails and I then went to the sites and one said “5.5.1” and had no “update” button and the other said “5.5.2” and had the “update to 5.5.1” button – which I thought was very odd since it said it was already at a higher version, and when I clicked the update it changed to “5.5.1” – then I reached out to you guys to see what’s what…
All scans still say “not hacked” so… should I just let it go? (in your opinion)
Thank you.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Or should I reach out to GoDaddy?
Definitely check with them; they may have done soemthing on their own.
Thread Starter
+ES
(@evelynmsdesigngraphicscom)
Okay, thank you very much for your super quick responses and time with me!
