A new Magento security patch has just been released for Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition). The security patch SUPEE-10266 is in version 1.9.3.6, 2.0.16 and 2.1.9.
These releases contain almost 40 issues and security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. It’s important that this update is installed as soon as possible, because the vulnerabilities which are closed in this update are already being exploited.
You can learn more about this patch in the Magento Tech Resources.
Below, you can find our latest themes and extensions updated for Magento 2.1.9 and Magento 1.9.3.6.