WooCommerce 9.5.2: Dot Release

WooCommerce 9.5.2 has been released

This release includes important security enhancements and fixes.

Current Stable Tag

👉 WooCommerce 9.5.2

  • Released — January 8, 2025

What’s in this release

More robust coupon logic in checkout

🛠️ Fixed a bug where limited usage coupons would experience conflicts when applied simultaneously. #54269

We received reports that during specific conditions during checkout, a limited coupon could be applied more than once. This release leverages the hold_applied_coupons() method to lock the coupon when it’s applied during checkout, so it can only be used once with each request. A default hold time has also been added, while respecting custom settings from the woocommerce_hold_stock_for_checkout filter. This update ensures secure and consistent coupon handling.

Changes to the Customers API endpoint

🛠️ Enhance the security of the Customers API #54267

Following a report we received, we have now restricted mutation operations on the Customers API (/wp-json/wc/v1/customers) to customer and subscriber roles. This prevents unintended creation or modification of administrator and shop_manager roles, aligning with the API’s intended purpose and WordPress’ user endpoint behavior, which does not allow mutations.

Reposted form WooCommerce

If you have a care plan with 7th Circle Designs this update will be taken care of based on your plan’s schedule. If you do not have a care plan, sign up now.