A security patch for PrestaShop 1.7 is now available.
As part of the extended support policy for PrestaShop 1.7, which involves taking care of critical and security fixes for the 1.7.8.x branch, we are releasing today a new patch for this version. This release fixes a few security issues found by security researchers.
For more details regarding security fixes, you can check the security advisories section below.
It is recommended to upgrade your shop quickly in order to benefit from these fixes. Of course, don’t forget to backup before. You can upgrade to the latest version using the 1-Click Upgrade module.
- SQL manager vulnerability (potential RCE)
- New possible XSS injection through Validate::isCleanHTML method
Since version 188.8.131.52 is a “patch” update, upgrading from version 184.108.40.206 should happen without any issues.
Features will work better, and modules and themes, which worked fine on previous 1.7.8 releases, will work just as well with 220.127.116.11. As for every upgrade, it’s highly recommended to do a full manual backup beforehand.
If you encounter any problems during the upgrade that, in your opinion, are not caused by third-party modules or modifications used in your shop, submit a bug report.