Pinned Loading

1. magento2-cosmic-sting-patch magento2-cosmic-sting-patch Public

   Magento 2 patch for CVE-2024-34102(aka CosmicSting). Another way(as an extension) to hotfix the security hole if you cannot apply the official patch or cannot upgrade Magento.

   PHP 1

2. magento2-disable-customer magento2-disable-customer Public

   Disable Customer Extension for Magento 2. Disable/Enable customer login, password reset and account activation. Works for both Frontend and WebAPI area.

   PHP 1

3. disable-change-email disable-change-email Public

   A simple Magento 2 extension that prevents customer from changing account email address. Works for both Frontend and WebAPI area.

   PHP 1 1

4. magento2-jwt-auth-patch magento2-jwt-auth-patch Public

   Fix the JWT authentication vulnerability on certain Magento 2 versions. Deny tokens issued by old encryption key. If you cannot upgrade Magento or cannot apply the official patch, try this one.

   PHP 1 1

5. magento2-enhanced-xml-security magento2-enhanced-xml-security Public

   A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.

   PHP 1

6. magento2-template-filter-patch magento2-template-filter-patch Public

   Magento 2 patch for CVE-2022-24086, CVE-2022-24087. Fix the RCE vulnerability and related bugs by performing deep template variable escaping. If you cannot upgrade Magento or cannot apply the offic…

   PHP