Dear Magestore customers,
We’ve been recently notified of a vulnerability issue with two of our old extensions, Store Locator and Store Pickup.
If you are using these extensions on your website, please consider one of the following options:
1. If you don’t want to use the extensions any more:
You can disable the extensions using the commands below:
php magento/bin module:disable Magestore_Storelocator php magento/bin module:disable Magestore_Storepickup
2. If you want to continue using these extensions:
Please apply the patches below into your Magento Installation as soon as possible:
You can find these patches when you login to your account, under “Downloadable Package.”
If you do not know how to apply a patch to your Magento installation, please follow this guide.
pIf you purchase these extensions from Magento Marketplace or have any other questions, please contact us at https://magestore.zendesk.com to get the latest patch.
Please note that customers using Magento 1 are not affected by this issue.
We would like to thank the customers who have taken their time to report the issue to us.