Date: 2nd July, 2026
We are writing to make you aware that Amasty has released security updates for a number of its Magento and Adobe Commerce extensions, including a fix for a vulnerability rated critical. If your store uses Amasty extensions, we recommend reviewing your installed modules and updating them to Amasty's recommended secure versions. Transparency and security are our top priorities, and we want to make sure you have this information.
Extensions are part of your Magento application rather than the underlying infrastructure. Keeping them current is handled by your team or your development partner, so this update requires action on your side.
Overview
Amasty maintains a list of recommended module versions and periodically releases security fixes across its catalog. Its latest updates include a critical fix for the Amasty Order Attributes extension, resolved in version 4.0.0 and released in June 2026. The issue is tracked publicly as CVE-2026-53787. We recommend treating any outdated Amasty module as a priority to update.
Action required
- Review the Amasty extensions installed on your store.
- Update any module that sits below Amasty's recommended secure version. Amasty publishes its current recommended versions on its website.
- Give priority to Amasty Order Attributes, which should be on version 4.0.0 or later. This release is backward incompatible, so validate in a staging environment before deploying to production.
- If a development partner or system integrator manages your store, share this advisory with them so the updates can be scheduled.
What Webscale is doing
We manage and secure the infrastructure your store runs on. Amasty extensions run inside your Magento application, which sits above the infrastructure layer, so these updates must be applied to your codebase. If you would like assistance planning or validating the updates, our support team is available to help.
Further support
If you have any questions about this advisory or need assistance, please reach out to our support team through your customer portal or by emailing support@webscalenetworks.com. You may follow our announcements for future updates.
References
- Amasty recommended module versions: https://amasty.com/blog/security-updates-available-for-amasty-extensions/
- CVE-2026-53787 (NVD): https://nvd.nist.gov/vuln/detail/CVE-2026-53787
Comments
0 comments
Article is closed for comments.