cancel
Showing results for 
Search instead for 
Did you mean: 

Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

Amasty RMA extension is used by a number of community and enterprise edition stores. The plug-in is found to have a couple of critical vulnerabilities. The two vulnerabilities found are:

  1. Malicious file upload possible
  2. Directory Traversal

More details here: https://www.getastra.com/blog/cms/magento-security/vulnerability-magento-rma-extension/

The vendor has patched the vulnerability, it is recommended to update. 

1 REPLY

Re: Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

This issue was fixed back in May, so the current version of our RMA extension (1.3.11) has no vulnerabilities.

Last month we made all updates of our extensions free of change, so everyone who has ever bought our RMA mod can easily upgrade it to the current version.

Was my answer helpful? You can accept it as a solution.
200+ professional extensions for M1 & M2 with free lifetime updates!