[wp-trac] [WordPress Trac] #55366: WordPress auto-updated plugin with auto-updates disabled

WordPress Trac noreply at wordpress.org
Thu Mar 10 22:17:43 UTC 2022

#55366: WordPress auto-updated plugin with auto-updates disabled
 Reporter:  vtxtools      |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:
 Severity:  normal        |   Keywords:
  Focuses:                |

 As there are some updates that can break our site, we have automatic
 updates disabled for all plugins. Today, the plugin "Woocommerce" updated
 from version 6.3.0 to 6.3.1 automatically, causing a critical issue on our
 site. I looked at the changelog for this version, and it appears there was
 a fix for a security issue. So I am wondering if there is some criteria
 that would allow an automatic update of a plugin even if automatic updates
 are disabled. We understand the need to keep plugins up to date, I'm just
 curious if security was the reason for this unexpected behavior or if it's
 a bug.

Ticket URL: <https://core.trac.wordpress.org/ticket/55366>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list