Bleeping Computer

Magento plugin Magmi vulnerable to hijacking admin sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it.
Threat Post

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. Researchers have disclosed two flaws that could enable remote code execution attacks ...
CNBC Africa

KWIK DELIVERY releases new plugin for Magento Delivery plugin and version 2.0 of its WooCommerce plugin in 5 Days!

Content provided by APO Group. CNBC Africa provides content from APO Group as a service to its readers and does not edit the articles it publishes. CNBC Africa is not responsible for the content ...
Ars Technica

Mass exploit of WordPress plugin backdoors sites running Joomla, Magento, too

As many as 50,000 websites have been remotely commandeered by attackers exploiting a recently patched vulnerability in a popular plugin for the WordPress content management system, security ...