Prestashop Module Send to a Friend Must be Updated Now to Avoid Spammers Abuse

Recently I made a Responsible Disclosure for 2 security vulnerabilities in Prestashop Module Send to a Friend and provided also the fixes for them in a Github Pull Request.

This was done in coordination with Prestashop Core Team to ensure the issue was not public until Prestashop owners of Online Stores have the time to update the module and also to guarantee that the code for the fixes was according to their rules.

Update Now

Before I reveal details in another Blog Post, about the security issues, I would like to give another opportunity to all Prestashop owners of an E-commerce Store to update the Send to a Friend module.

So do not let for tomorrow what you can do now… Please update your module ASAP, it will take only 1 minute of your time.

Why I Need to Update Now?

Because your Prestashop Online Store is now vulnerable to be heavy abused by Spammers and as consequence being Black Listed by any email provider like Gmail, Hotmail or any other one processing lot of spam emails per minute from your Online Store.

Prestashop Module Send to a Friend can be abused by Spammers when is Enabled or Disabled

So if you are not using it you still need to updated it.

How to Update

If you are a experienced user you probably already know how to upgrade a module, but Prestashop beginners may need a Tutorial with a detailed How To for updating their Prestashop Send to a Friend Module.

Please refer to the Tutorial How to Update only one Prestashop Module.

Don’t be Lazy

In return to this post I only ask that you spent 1 minute of your time to Share It on your Social Networks, leave a Disqus Comment or start to Follow Me in any of my Social Networks.

Seeing this actions taking place will keep me MOTIVATED to continue writing more Blog Posts 😃

Disclaimer

What I write and express here is only in my behalf and do not represent the company I work for, or any previous one, neither my family, friend, colleague or any body else unless it is explicitly identified by me.

English is not my natural language, so feel free to point out any incorrectness for en-GB… I will welcome all your help :)

comments powered by Disqus