Articles by tag: Security
-
Major Security Vulnerability on PrestaShop Websites
A newly found exploit could allow remote attackers to take control of your shop.
Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites. For details, please read the entire article.
Continue reading → -
Release Of PrestaShop 1.7.6.9
Maintenance version of the 1.7.6.x branch
The ongoing work on security for PrestaShop software continues. We have identified and fixed a new security issue, it has been decided to deliver a new maintenance release for 1.7.6.X branch.
Continue reading → -
Release Of PrestaShop 1.7.6.8
Maintenance version of the 1.7.6.x branch
The ongoing work on security for PrestaShop software continues. We have identified and fixed new minor security issues, it has been decided to deliver a new maintenance release for 1.7.6.X branch.
Continue reading → -
Bug Bounty Program, the retrospective
When hunters make your business safer!
For several months, we experimented a Bug Bounty Program with the YesWeHack platform. Here is a retrospective, explaining why we did it, and what happened during this period.
Continue reading → -
Announcing our first Bug Bounty program
It's time to make PrestaShop better and safer that it already is!
Protecting the business, data and privacy of PrestaShop’s users is one of our top priorities. We build our software with this goal in mind. That’s why we decided to put our security to the test. To encourage the security community to help us, today we are announcing our first bug bounty program!
Continue reading → -
Release Of PrestaShop 1.7.6.6
Maintenance version of the 1.7.6.X branch
The ongoing work on security for PrestaShop software continues. We have identified and fixed new minor security issues and since we don’t expect PrestaShop 1.7.7.0 final to be released before a few weeks, it has been decided to deliver a new maintenance release for 1.7.6.X branch.
Continue reading → -
We were at Google's CMS Security Summit 2020
PrestaShop continues working together with Google and the top CMS vendors for a safer web.
Once again, open source CMSs Security leads shared knowledge together last February at an event organized by Google in Munich.
Continue reading → -
Release Of PrestaShop 1.7.6.5
Maintenance version of the 1.7.6.X branch
A few months ago, the PrestaShop core team has decided to make a forthright patch release process and deliver patch versions on a more regular basis, every time it’s needed. So here we are, 6 weeks after the release of 1.7.6.4, PrestaShop 1.7.6.5 is now available!
Continue reading → -
Release Of PrestaShop 1.7.6.4
MAINTENANCE VERSION OF THE 1.7.6.X BRANCH
PrestaShop 1.7.6.4 is finally available! A critical security issue and regressions found on the previous 1.7.6 versions have been fixed. Upgrading your shop is highly recommended.
Continue reading → -
Security issue with PHPUnit, post-incident analysis
The mysterious development dependencies!
Early January, we encountered a security issue with PHPUnit in some modules that allowed attackers to perform arbitrary code execution without authorization through the PHPUnit dependency. This vulnerability was discovered through a merchant whose shops were compromised.
Continue reading →