Despite newsletter sent out by CRE Loaded and us, many websites owners are still not aware of critical security issue with all CRE Loaded stores up to 6.4.0. Vulnerability allows anybody to access store administrator panel and gain control over whole store.
To check if your website is vulnerable open http://www.example.com/admin/orders.php/login.php URL in your browser, considering that http://www.example.com/admin/ is a path to your store administrator panel. If you need help checking if your website is vulnerable, please contact us.
There are two options options to get this issue fixed:
1) If you have coding skills and do not afraid to edit store files, download fix from "My Downloads" area on www.creloaded.com when you login to your account.
2) You can purchase our service and we will fix it for you. Just add this product to cart and checkout if you want us to fix vulnerability and protect your store from being hacked.
There is additional option we offer to protect your store with additional login window that is brought by web server when accessing administrator panel. This will prevent your store from being vulnerable from security holes discovered in CRE Loaded administrator panel in future. To order additional protection just select option below.
