A critical unauthenticated remote code execution vulnerability in Mirasvit Full Page Cache Warmer, one of the most widely used cache extensions for Magento and Adobe Commerce, has been publicly disclosed, carrying a CVSS v3.1 score of 9.8. Tracked as CVE-2026-45247, the flaw requires no authentication, no admin session, and no special configuration to exploit. A single malicious HTTP […]
The post Critical Magento Cache Plugin Flaw Enables Remote Code Execution appeared first on Cyber Security News.