Though there have been no known attacks against the present safety issues, Magento team is sharp to respond timely to your suggestions and findings, as well as to continuously test and track the performance of the platform to ensure vulnerability-free environment for any ecommerce business with far-reaching ambitions. The SUPEE-11219 security patch addresses, among other, remote code execution (RCE), cross-site scripting (XSS) and cross-site request forgery (CSRF) issues. These have been noticeably enhanced in Magento Commerce 1.14.4.3 and Open Source 1.9.4.3. At the same time you may opt for the patch and install it on your version of the platform.
Magento has always kept a sharp eye on security and performance issues of the platform. The team guarantees safest environment for any ecommerce business with far-reaching ambitions. A timely and powerful security patch SUPEE-11155 proves the best of Magento maintenance services. The patch contains multiple security enhancements which help close remote code execution, cross-site scripting, cross-site request forgery and other vulnerabilities.
SUPEE-11086, Magento Commerce 1.14.4.1 and Open Source 1.9.4.1 contain multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
SUPEE-10975, Magento Commerce 1.14.4.0 and Open Source 1.9.4.0 contain multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
SUPEE-10888, Magento Commerce 1.14.3.10 and Open Source 1.9.3.10 contain multiple security enhancements that help close cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.
SUPEE-10752, Magento Commerce 1.14.3.9 and Open Source 1.9.3.9 contain multiple security enhancements that help close authenticated Admin user remote code execution (RCE), cross-site request forgery (CSRF) and other vulnerabilities.
SUPEE-10570, Magento Commerce 1.14.3.8 and Open Source 1.9.3.8 contain multiple security enhancements that help close remote code execution (RCE), cross-site scripting (XSS, and other issues. These releases also include small functional fixes listed in the release notes.
As November comes to an end, we are happy to announce that the traditional Black Friday & Cyber Monday season of discounts in the Aheadworks store has already begun. From November 24 until November 28, we provide a special discount for our products. Using the Black17 coupon, you will be able to buy any our Magento extension or theme in the store at a 25% discount.
SUPEE-10415, Magento Commerce 1.14.3.7 and Open Source 1.9.3.7 contain multiple security enhancements that help close cross-site request forgery (CSRF), Denial-of-Service (DoS) and authenticated Admin user remote code execution (RCE) vulnerabilities. These releases also include a fix for a prior customers that had experienced issues patching caused by SOAP v1 interactions in WSDL.
SUPEE-10266, Magento Commerce 1.14.3.6 and Open Source 1.9.3.6 contain multiple security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. These releases also include fixes for issues with image reloading and payments using one-step checkout.