Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ad-inserter domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/blog.webeats.it/httpdocs/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the cookie-law-info domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/blog.webeats.it/httpdocs/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/blog.webeats.it/httpdocs/wp-includes/functions.php on line 6114
Vulnerabilità Magento - richiesta azione (4-25-2015) - Blog WebEats

Stando alle notifiche da parte degli sviluppatori di Magento, sono stati resi noti 2 bug di sicurezza.

Di seguito il report ufficiale:

 

For customers impacted by the vulnerability, two courses of action are currently available:

    • SUPEE-5344 – Addresses a potential remote code execution exploit (Added Feb 9, 2015)
    • SUPEE-1533 – Addresses two potential remote code execution exploits (Added Oct 3, 2014)

A compromise associated with this vulnerability can include the presence of unknown Magento administrative accounts in the Magento Admin control panel. For that reason, customers should verify all admin account email addresses for known accounts and reset passwords.