Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
Mon Jun 01 2026
E-Commerce
Software
Vulnerability
cybersecuritynews.com
A critical security vulnerability has been discovered in a widely used Magento caching plugin that allows attackers to remotely execute malicious code with no login, configuration changes, or admin access required. Security researchers at Sansec uncovered an unauthenticated PHP object injection flaw in Mirasvit Cache Warmer, a full-page cache extension used by thousands of Magento and […]
The post Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks appeared first on Cyber Security News.