Classic Commerce has just released an important security fix in version 1.0.4.
Security Fix for incorrect use of $wpdb->esc_like
Since ClassicCommerce is a fork of Woocommerce, we inherited the good and some of the challenges it presents. The development team from Woocommerce pushed a security patch which we have now adopted as well in this latest version.
Thanks to @Simone for the patch adoption and @wadestriebel for fast tracking this.
How to update
- Please backup your site first (always good).
- The update server should have delivered the option to click and update your install via the plugins admin page in your online shop. So you just need to click update and the plugin update will do the necessary changes.