Articles about Security

  • Jul 23, 2020

    Announcing our first Bug Bounty program

    It's time to make PrestaShop better and safer that it already is!

    Protecting the business, data and privacy of PrestaShop’s users is one of our top priorities. We build our software with this goal in mind. That’s why we decided to put our security to the test. To encourage the security community to help us, today we are announcing our first bug bounty program!

    Continue reading Arrow
  • Jul 2, 2020

    Release Of PrestaShop 1.7.6.6

    Maintenance version of the 1.7.6.X branch

    The ongoing work on security for PrestaShop software continues. We have identified and fixed new minor security issues and since we don’t expect PrestaShop 1.7.7.0 final to be released before a few weeks, it has been decided to deliver a new maintenance release for 1.7.6.X branch.

    Continue reading Arrow
  • Jun 4, 2020

    We were at Google's CMS Security Summit 2020

    PrestaShop continues working together with Google and the top CMS vendors for a safer web.

    Once again, open source CMSs Security leads shared knowledge together last February at an event organized by Google in Munich.

    Continue reading Arrow
  • Apr 20, 2020

    Release Of PrestaShop 1.7.6.5

    Maintenance version of the 1.7.6.X branch

    A few months ago, the PrestaShop core team has decided to make a forthright patch release process and deliver patch versions on a more regular basis, every time it’s needed. So here we are, 6 weeks after the release of 1.7.6.4, PrestaShop 1.7.6.5 is now available!

    Continue reading Arrow
  • Mar 5, 2020

    Release Of PrestaShop 1.7.6.4

    MAINTENANCE VERSION OF THE 1.7.6.X BRANCH

    PrestaShop 1.7.6.4 is finally available! A critical security issue and regressions found on the previous 1.7.6 versions have been fixed. Upgrading your shop is highly recommended.

    Continue reading Arrow
  • Feb 28, 2020

    Security issue with PHPUnit, post-incident analysis

    The mysterious development dependencies!

    Early January, we encountered a security issue with PHPUnit in some modules that allowed attackers to perform arbitrary code execution without authorization through the PHPUnit dependency. This vulnerability was discovered through a merchant whose shops were compromised.

    Continue reading Arrow
  • Jan 7, 2020

    Critical security vulnerability in PrestaShop modules

    A newly found exploit could allow remote attackers to take control of your shop.

    Attackers are using a vulnerability in a popular dependency used by modules to take control of PrestaShop sites. For details, please read the entire article.

    Continue reading Arrow
  • May 3, 2019

    Release of PrestaShop 1.7.5.2 and 1.6.1.24

    Maintenance version of the 1.7.5.x and 1.6.1.x branch

    PrestaShop 1.7.5.2 and 1.6.1.24 are now available. These versions fix a security issue for both 1.7.5.x and 1.6.1.x. For the details, please read below:

    Continue reading Arrow
  • Mar 4, 2019

    We were at the CMS Security Summit with Google

    Security is very important for PrestaShop

    PrestaShop and other open source CMSs are working together to improve the security of websites.

    Continue reading Arrow
  • Nov 7, 2018

    Release of PrestaShop 1.7.4.4 and 1.6.1.23

    Maintenance version of the 1.7.4.x and 1.6.1.x branch

    PrestaShop 1.7.4.4 and 1.6.1.23 are now available. These versions fix a security issue for both 1.7.4.x and 1.6.1.x. For the details, please read below:

    Continue reading Arrow