IMPORTANT: YITH WooCommerce Wishlist Protection Added

Тoday, a serious vulnerability issue with one of the vastly used Yith plugins – the WooCommerce Wishlist was discovered by Sucuri. The latest plugin version – 2.2.0 patches the vulnerability but all versions prior to it are at risk. To protect our customers, who haven’t updated their plugin, our security team started working immediately and a WAF rule was just applied on our servers.

We’re very proud of our internal WAF (Web Application Firewall) system that protects all SiteGround shared and cloud servers. It allows us to dynamically add different rules across our network and block hacking attempts. The moment we got notified about the issue with the YITH WooCommerce Wishlist plugin, our security team started working on the case. We’ve managed to come up with a rule, that shields you against potential attacks utilizing this vulnerability. Although this does not patch the problem in its core, we’ve added protection against those, who try to utilize it. This said, we urge you to update to the latest plugin version, which includes the official patch for this vulnerability.

Hristo Pandjarov

WordPress Initiatives Manager

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

Comments ( 7 )


Jan 19, 2018

Thanks for your work guys! You, being so proactive, gives me a great feeling of being protected by my hosting company!



Jan 24, 2018

Thank you Siteground! Don't know what I'd do without you guys haha



Jan 24, 2018

This is great! I just recently started using a YITH plugin so I'm going to start researching its security...



Jan 26, 2018

Wow, excellent, and good you communicate it directly on the dashboard, otherwise i wouldn't see it. THX Siteground!


Paul Morgan

Jan 27, 2018

I came from Fashosts to Siteground, the difference between the two companies is astonishing. So glad I made the move. After constant hosting errors to a fast loading website. Now I see your firewall precautions for all your hosts, this was never part of my Fasthost account. I feel my websites are so much safer now, huge thanks.


Mirco B

Mar 12, 2018

What about the dedicates? Only shared / cloud are patched?


Hristo Pandjarov Siteground Team

Mar 13, 2018

On dedicated servers we don't have our WAF installed since the majorify of our customers have custom setups there.


Start discussion

Ready to get your website started?

Choose a hosting plan, start or migrate your site in a few clicks, and grow your online presence!

Get Started Chat with an expert