Abandoned Cart Pro for WooCommerce Plugin Vulnerability - CVE-2025-4387

Yet another critical vulnerability got published, this time in the Abandoned Cart Pro for WooCommerce plugin.

It is officially recognized as CVE-2025-4387 and rated with a high score of 8.8.

Failing to update the plugin to a version from yesterday(9.17.0), while having registrations on your website enabled(even when someone buys something and gets a customer role), means that your website can get hacked at any time.

Anyone who registers can freely upload files on your server, allowing for website takeover, deletion, and reputation harm.

Please update the Abandoned Cart Pro for WooCommerce immediately, and don't hesitate to get help.