Tag: magento extension flaw

1 article

Server racks and computer hardware in a dimly lit e-commerce IT area.

CISA Warns of Exploited Magento Extension Flaw

A critical flaw in the Mirasvit Full Page Cache Warmer Magento extension, tracked as CVE-2026-45247, has been exploited by hackers, allowing them to execute remote code without authentication. This vulnerability, rated 9.8 on the CVSS scale, enables attackers to wreak havoc by supplying a malicious PHP object in the CacheWarmer cookie.

Analyst 207Jun 4, 2026