One of the changelog entries for the latest version of WooCommerce One Click Upsell Funnel is “Improved: Better Security and Performance”. Looking at the changes made in that version we found there were a lot of unnecessary security changes being made, but we did find that a cross-site request forgery (CSRF)/cross-site scripting (XSS) vulnerability had been fixed.

…

[Read more]