Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. https://threatpost.com/magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws/158864/
