PrestaShop 8.2.4 is available
Security improvements for branch 8.2.x
PrestaShop 8.2.4 is available. This maintenance release for the 8.2 branch brings security improvements to further harden your store.
Why this release now?
Security is a core priority for the PrestaShop project. Even when risks are moderate, we believe in continuous improvement. This release addresses one specific topic to strengthen the authentication process.
PrestaShop 9.0.3, released simultaneously, also includes the fix for the time-based enumeration vulnerability.
Security fixes
This release fixes one security issue:
- Time based enumeration in FO login form (Severity: Moderate 5.3/10)
- A time-based user enumeration vulnerability in the user authentication functionality allowed attackers to determine whether a customer account exists by measuring response times.
- Identifier: GHSA-67v7-3g49-mxh2
Update to PrestaShop 8.2.4
Updating your shop to version 8.2.4 is highly recommended. You can use the Update Assistant to perform the update easily.
Always remember to make a full backup of your database and files before performing any update.
Download
You can download PrestaShop 8.2.4 from the release page.
Download PrestaShop 8.2.4 now!
PrestaShop 9
If you are looking for the latest features and a more modern architecture, we encourage you to check out PrestaShop 9. PrestaShop 9 offers significant improvements and a hardened security architecture. It marks a major step forward for the platform.
Start planning your migration today to benefit from the latest innovations in the PrestaShop ecosystem.
Acknowledgments
This security release was made possible thanks to the collaboration between the maintainers team and community experts.
Thank you to everyone who contributes to keeping PrestaShop secure!