Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Magento Cache Plugin Flaw Enables Remote Code Attacks

Magento Cache Plugin Flaw Enables Remote Code Attacks

Posted on June 1, 2026 By CWS

A significant security vulnerability has been identified in a popular Magento caching plugin, exposing online stores to remote code execution attacks without requiring login access or administrative credentials. This vulnerability, affecting the Mirasvit Cache Warmer extension, was discovered by security experts at Sansec.

Details of the Vulnerability

The flaw, designated as CVE-2026-45247 and rated with a critical severity score of 9.8 on the CVSS scale, involves an unauthenticated PHP object injection. Mirasvit Cache Warmer is utilized by thousands of Magento and Adobe Commerce stores to enhance page load times by preloading cached pages. However, the plugin’s method of handling session data poses a serious risk.

The vulnerability arises because session data embedded in cookies is sent to the server, where the plugin processes it using PHP’s unserialize() function without any class or authentication restrictions. This allows attackers to manipulate the cookie to inject arbitrary PHP objects, leading to Remote Code Execution (RCE) when combined with existing Magento classes.

Impact and Scope

This vulnerability is prevalent across all Mirasvit Cache Warmer versions prior to 1.11.12. The plugin is often included in other Mirasvit packages, potentially affecting many unsuspecting merchants. Sansec’s research identified approximately 6,000 active stores using Mirasvit extensions, with the true number likely higher due to CDN obfuscation.

The attack vector affects every request to the storefront, making any Magento store with public visibility a possible target. Web logs may reveal exploit attempts through specific patterns involving CacheWarmer cookies followed by base64-encoded serialized PHP objects.

Mitigation Measures

Mirasvit responded swiftly with a patched release, version 1.11.12, available since May 25, 2026. Store owners are urged to upgrade immediately to mitigate the risk. Additional protective measures include deploying web application firewalls to block serialization exploits, scanning for unauthorized PHP files, and auditing installed packages for embedded Cache Warmer modules.

Sansec Shield clients were preemptively safeguarded from April 24, 2026, coinciding with the discovery of the vulnerability. The CVE designation was officially assigned on May 26, 2026. Given the automatic nature of potential exploitation, unpatched systems remain highly vulnerable to server compromise.

For further insights into securing web applications, a free webinar on OWASP API Top 10 and strategies to enhance visibility using WAAP is available for interested parties.

Cyber Security News Tags:cache plugin, CVE-2026-45247, Magento, Mirasvit, PHP object injection, remote code execution, Sansec, Security, Vulnerability, web security

Post navigation

Previous Post: Critical WP Maps Pro Flaw Endangers WordPress Sites
Next Post: Dutch Authorities Dismantle Massive Botnet Network

Related Posts

Microsoft Office Vulnerabilities Let Attackers Execute Remote Code Microsoft Office Vulnerabilities Let Attackers Execute Remote Code Cyber Security News
Weaponized Chrome Extension Affects 1.7 Million Users Despite Google’s Verified Badges Weaponized Chrome Extension Affects 1.7 Million Users Despite Google’s Verified Badges Cyber Security News
ScarCruft Hacker Group Launched a New Malware Attack Using Rust and PubNub ScarCruft Hacker Group Launched a New Malware Attack Using Rust and PubNub Cyber Security News
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges Cyber Security News
UEFI Shell Vulnerabilities Could Allow Hackers to Bypass Secure Boot on 200,000+ Laptops UEFI Shell Vulnerabilities Could Allow Hackers to Bypass Secure Boot on 200,000+ Laptops Cyber Security News
Fortinet FortiManager Flaw Risks Unauthorized Command Execution Fortinet FortiManager Flaw Risks Unauthorized Command Execution Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Critical wp2shell RCE Vulnerability Threatens WordPress Sites
  • AI Tool Revolutionizes Automated Penetration Testing
  • Critical WordPress Flaw Allows Code Execution
  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Critical wp2shell RCE Vulnerability Threatens WordPress Sites
  • AI Tool Revolutionizes Automated Penetration Testing
  • Critical WordPress Flaw Allows Code Execution
  • OpenSSL Vulnerability ‘HollowByte’ Poses Severe Threat
  • OpenSSL Vulnerability Causes Memory Freeze with Minimal Data

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark