Secure Your Third Party Magento Themes and Extensions from Risk!
Recently, we got to know that SQL injection vulnerability has been established in several third-party extensions and themes. Extension’s vulnerability includes MD Quickview, SmartWave Quick View, (EM) Extreme Magento Ajaxcart and (EM) Extreme Magento Quickshop. And, these extensions have been used in various themes, such as Trego, Kallyas, and Porto from smartWave. We’ve also received a report that other SmartWave themes are also at risk. So, if you are currently using any of these extensions or themes, immediately contact the company from where you brought the particular themes and extensions to update the code with the latest version.
We highly recommend you to evaluate all your Magento administrator accounts to protect from unknown users. You should also reset all your administrator passwords for high security.