WooCommerce 3.6.5 was released on July 2 as a security release. This update improves the security of WooCommerce by introducing new functions in the importer. Security improvements Introduce file type check for tax rate importer. Added nonce check to CSV importer actions. Fixes WordPress & PHP upgrade nudges when running older versions. «Filter by price» […]
WooCommerce 3.6.5 Security Update Weiter lesen »
Magento released various updates on June 26. The update 2.3.2 contains over 200 functional fixes and 75 security enhancements. Magento 2.3.2 Highlights Security 75 security enhancements to fix vulnerabilities, which allowed cross-site scripting, arbitrary code execution, and sensitive data disclosure. PaypalRecaptcha module adds Google reCAPTCHA to the Payflow Pro checkout form to prevent spam attacks.
Magento 2.3.2 and 2.2.9 Security and Fix-Update Weiter lesen »
Magento 2.1.18 is the last update for Magento 2.1.x and was released on June 26. It contains security enhancements to fix vulnerabilities, which allowed cross-site scripting, arbitrary code execution, and sensitive data disclosure. There were no confirmed attacks against those vulnerabilities, but you should install the update as soon as possible. Security fixes and enhancements
Magento 2.1.18 Security Update Weiter lesen »
Magento released version 1.9.4.2 on June 26. The update contains 75 security enhancements and has the patchname SUPEE-11155. There are also 2 small fixes and some changes you can find on Magento DevDocs. Security Fixes (SUPEE-11155) Arbitrary code execution through design layout update (PRODSECBUG-2296) Arbitrary code execution through product imports and design layout update (PRODSECBUG-2298)
Magento 1.9.4.2 Security Update Weiter lesen »
WooCommerce released a new security update on April 16. WooCommerce 3.5.8 contains 7 commits and fixes, 3 security related issues. You should install the update as soon as possible to close the vulnerabilities on your site. The update contains following fixes: Added escaping for states on the user profile screen. Added escaping for PhotoSwipe captions.
WooCommerce 3.5.8 Security Update Weiter lesen »
Magento 1.9.4.1 was released on March 26 and contains security and bug fixes. Previous Magento versions had multiple security vulnerabilities which allowed hackers to gain access to customer data and take over administrator sessions. To close the known vulnerabilities you should update your Magento store as soon as possible. Security fixes (SUPEE-11086) SQL Injection through
Magento 1.9.4.1 Security Update Weiter lesen »
On March 26, Magento released updates for Magento 2.1, 2.2 and 2.3. Those updates contain also security related fixes and enhancements. Magento had multiple vulnerabilities that allowed hackers to gain access to customer information or take over administrator sessions. The update should be installed as soon as possible to close the cross-site scripting, arbitrary code
Magento 2.1.17, 2.2.8 and 2.3.1 Updates Weiter lesen »
On March 19, WooCommerce released a security update (3.5.7) to fix a vulnerability which allowed cross-site-scripting. Because this is a security-related update, you should install it as soon as possible. Improved the way in which state fields are regenerated by JavaScript to ensure values are properly escaped. Remember to create backups before installing updates and
WooCommerce 3.5.7 Security Update Weiter lesen »
WordPress 5.1.1 was released today, March 13. This update contains 10 fixes and enhancements, as well as a pair of security fixes. The fixed vulnerability allowed hackers to perform a Cross-Site-Scripting attack by sending a maliciously crafted comment. This vulnerability affects all versions below WordPress 5.1, therefore there are updates for WordPress 5.0.4, 4.9.10, 4.8.9,
WordPress 5.1.1 Security and Fix-Update Weiter lesen »