Aug 25, 2011 12:58 GMT

The PrestaShop developers are warning users that hackers are exploiting a zero-day vulnerability in the e-commerce solution and are urging them to deploy a fix.

The vulnerability was identified when PrestaShop's own website was hacked on Tuesday, an event that put the development team on full alert.

"Last night, the PrestaShop’s official website, prestashop.com, was hacked, resulting in the misappropriation of a script intended for transcribing news information in the Back Office of PrestaShop stores," the developers announce.

"The entire PrestaShop team dedicated ourselves to identifying and fixing this issue as quickly as possible. That fix has been completed," they add.

Versions 1.4, 1.4.1, 1.4.2, 1.4.3 and 1.4.4 of the popular open source e-commerce solution are vulnerable, but not all installations are necessarily affected.

E-shop owners are advised to check for one of several symptoms in order to determine if they were compromised. These include the existence of a file called her.php in the root of the /modules folder, the existence of a file other than index.php in the upload or download folders, unauthorized modifications to the footer.tpl file or the disappearance of the tools/smarty_v2 directory.

"If you fulfill one of these conditions, your shop may have been infected," the development team warns. But unaffected users are also strongly encouraged to deploy the fix in order to avoid compromises in the future.
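The four symptoms listed above can be checked from a shell on the server. The script below is an added example, not code from PrestaShop or from the original article. It assumes footer.tpl sits under themes/<theme>/ (the article gives no path) and that an untouched copy of the same release is unpacked in a second directory, here called CLEAN, for comparison.

```shell
#!/bin/sh
# check_shop ROOT CLEAN
#   ROOT  = live shop directory
#   CLEAN = unpacked, untouched copy of the same release (assumption: you have one)
# Prints one line per symptom; returns 0 if none found, 1 otherwise.
check_shop() {
    root=$1 clean=$2 hits=0

    # Symptom 1: her.php in the root of the modules folder
    if [ -e "$root/modules/her.php" ]; then
        echo "modules/her.php exists"; hits=$((hits + 1))
    fi

    # Symptom 2: any file other than index.php in upload/ or download/
    for d in upload download; do
        [ -d "$root/$d" ] || continue
        extra=$(find "$root/$d" -type f ! -name index.php)
        if [ -n "$extra" ]; then
            echo "unexpected files in $d/:"; echo "$extra"; hits=$((hits + 1))
        fi
    done

    # Symptom 3: footer.tpl differs from the clean copy
    # (assumed location: themes/<theme>/footer.tpl; the article gives no path)
    for f in "$root"/themes/*/footer.tpl; do
        [ -f "$f" ] || continue
        rel=${f#"$root"/}
        if ! cmp -s "$f" "$clean/$rel" 2>/dev/null; then
            echo "$rel differs from clean copy or has no baseline"; hits=$((hits + 1))
        fi
    done

    # Symptom 4: the tools/smarty_v2 directory has disappeared
    if [ ! -d "$root/tools/smarty_v2" ]; then
        echo "tools/smarty_v2 is missing"; hits=$((hits + 1))
    fi

    echo "symptoms found: $hits"
    [ "$hits" -eq 0 ]
}

# Run directly as: sh check_shop.sh /path/to/shop /path/to/clean-release
if [ "$#" -eq 2 ]; then check_shop "$1" "$2"; fi
```

A footer.tpl that differs only because of legitimate theme customization will also be reported, so each difference needs a manual look.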

The first step is to change the database password. The new password must be inserted into the PrestaShop settings.inc.php file. The second step is to download the fix file, upload it into the root directory of the shop and execute it by loading its URL in a browser. The file needs to be deleted afterwards.

Store owners are also advised to rename the admin folder and change the passwords of all admin users in order to increase security.