Blog

Magento has just introduced the newest security patch intended for Magento 1.x termed SUPEE-7405. This patch handles several security difficulties within Magento but most importantly fixes a leak that allows hackers to take over your admin (backend) account and gain access to your Magento shop.

This specific patch repairs the subsequent issue,prevent cache manipulate,SQL injection through split routing,CAPTCHA avoid , Cross-site Obtain Forgery (CSRF),Incorrect Enter Controlling and even more To get a total listing of the particular patched protection and also sensible repairs look at the Magento security core.This patch is available intended for Magento types 1.4.0.0 – 1.9.2.2 and 2.0.0.0 – 2.0.1.0.

Cart abandonment is a large issue for just about every ecommerce store. On an average, over 60% of carts are left to die before checkout is complete. One of the biggest reasons behind cart abandonment is that the checkout process is just too long and complicated for the consumers and thus they find it much easier to just abandon the cart as against completing the process. Fortunately, there are solutions; enter the One Step Checkout module!

Magento has recently released a new Security Patch (SUPEE-6788) along with Community Edition 1.9.2.2 and Enterprise Edition 1.14.2.2. These newer edition comes with security patch set in core itself and does not need any other current or past patches to be installed separately. The patch addresses over 10 security issues including remote code execution and information leak vulnerabilities. All these new releases are fully tested, complete and ready for merchants to deploy. We strongly encourage you to implement the patch or upgrade to the new versions as soon as possible.

Magento has recently launched Magento Community Edition 1.9.1.1, Magento Enterprise Edition 1.14.2.1, and a new Mobile SDK for Android. These releases improve security and performance, and empower you with a new tool to drive mobile sales. Along with these, a new security patch has also been released for Community Edition and Enterprise Edition (SUPEE-6482). The patch addresses 2 issues with Community Edition and 4 issues with Enterprise Edition. All these new releases are fully tested, complete and ready for merchants to deploy. We strongly encourage you to implement the patch or upgrade to the new versions as soon as possible.

A new critical Magento security patch has been released to secure the platform from potential attacks. There are no confirmed reports of attacks related to these issues to-date, but it is important to immediately deploy the patch in order to protect online store. This patch prevents attackers from posing as an administrator to gain access to the last orders feed, which contains personally identifiable information that can then be used to obtain more sensitive information in follow-on attacks and closes a number of security gaps including cross-site scripting (XSS), cross-site request forgery (CSRF), and error path disclosure vulnerabilities.