займ на картукредит онлайн

Updates Posts

Automatic Related Products 1.4: New Types of Related Products

Even if you knew that, I’ll tell it again. According to Groove, the chance to sell something to a prospect is 5-20%, while for existing customers it is 60-70%.

Automatic Related Products 1.4: New Types of Related Products

Here, dwells the main value of the related products featured on website pages. And, the chances to sell more become even higher if the offered products are properly selected and targeted. That’s exactly the main benefit of the Automatic Related Products extension for Magento 2.

With the latest update, we significantly improved the code, usability, and performance of the extension and added some new valuable features to it.

Automatic Related Products 1.4

The opportunity to display different related products suitable for any customer group and corresponding to any shopping intention allows Magento store owners to increase sales and average order values. So, Automatic Related Products 1.4 adds several new criteria triggering product displays in the related product blocks.

Who Bought This Also Bought Rules

If your shopping audience is sensitive to the recommendations from other customers and gladly consider them for own purchases you can take advantage of the newly provided Who Bought This Also Bought display option.

MAGENTO SECURITY PATCH SUPEE-10415 RELEASED

SUPEE-10415, Magento Commerce 1.14.3.7 and Open Source 1.9.3.7 contain multiple security enhancements that help close cross-site request forgery (CSRF), Denial-of-Service (DoS) and authenticated Admin user remote code execution (RCE) vulnerabilities. These releases also include a fix for a prior customers that had experienced issues patching caused by SOAP v1 interactions in WSDL.

NOTE: Magento was recently informed about an issue with both patch SUPEE-10570 and Magento versions 1.9.3.8/1.14.3.8 that could result in the inability of customers to complete checkout when trying to register during checkout. Magento is now providing an updated patch (SUPEE-10570v2) that no longer causes this issue.

Patches and upgrades are available for the following Magento versions:

  • Magento Commerce 1.9.0.0-1.14.3.7: SUPEE-10415 or upgrade to Magento Commerce 1.14.3.7.
  • Magento Open Source 1.5.0.0-1.9.3.7: SUPEE-10415 or upgrade to Magento Open Source 1.9.3.7.

There were several CVSSv3 Severity issues found which affected the Magento products. Below are the few bugs:

Issue Type: Denial-of-Service (DOS)

CVSSv3 Severity

Security Bug

Description

6.7 (Medium)

Unsanitized input leading to denial of service

A site visitor can create an account where one of the parameters will create a server denial-of-service.

 

Issue Type: Cross-Site Scripting (XSS, stored)

6.6 (Medium)

Stored XSS in Product Name field

An administrator with limited privileges can insert script in the product name field, potentially resulting in a stored cross-site scripting that affects other administrators.

6.1 (Medium)

Stored XSS in Visual Merchandiser

An administrator with limited privileges can create a stored-cross site scripting attack in the Visual Merchaniser system.

 

Issue Type: Remote Code Execution (RCE)

5.0(Medium)

Cross-site Scripting in CMS hierarchy

An administrator with limited privileges can insert script into the CMS hierarchy, which could potentially result in a stored cross-site scripting that affects other administrators.

8.2 (High)

Remote Code Execution by leveraging unsafe unserialization

An administrator with limited privileges can insert injectable code in promo fields, creating an opportunity for arbitrary remote code execution.

Source: Magento

It is highly recommended by Magento to deploy these new releases right away, to ensure optimal security and performance. Remember to implement and test the patch in a development environment first to confirm that it works as expected or consult a professional.

What else can be done to protect a Magento site?

Apart from installing the security patches, you can always ask Magento certified professionals to conduct a security audit every quarter to ensure that your store is secured especially if you have installed new extensions and made some changes to the site.
&nbps;

Consult our certified Magento developers, if you want to implement this security patch or have any questions regarding the Magento security SUPEE-10415 patch, please contact our support team.

RMA 1.2 for Magento 2: Better UI, Higher Business Value, Better Code…

If we can not prevent customers from returning our products, we can certainly make them do this conveniently.

RMA 1.2 for Magento 2: Better UI, Higher Business Value, Better Code…

Perhaps you know that, according to IMRG, 36% of the UK customers miss the offline ease of returning items in online stores. So, the ultimate goal of merchants is to make this process as simple as it is offline and the latest version of the RMA extension for Magento 2 brings this moment just a bit closer.

RMA 1.2 for Magento 2

The whole process of return authorization touches three parties: customers, merchants, and Magento developers. The latest update of the RMA extension provides new features for all of them.

RMA 1.2 for Merchants

Web API Support
The new opportunity to integrate the RMA functionality into any third-party application via API is useful for many businesses. For example, you may need to import and update the RMA data, or even create RMA requests in your CRM system. That’s where the web API support is going to be a great enhancement towards the required integration allowing you to streamline your business processes.

Subscription & Recurring Payments Receives One More Payment Gateway – Adyen

Adyen is a global payment company that enables merchants to accept ecommerce and POS payments.

Subscription & Recurring Payments Receives One More Payment Gateway - Adyen

The provider allows customers to pay with such globally distributed payments as international credit/debit cards or bank transfers, and locally popular payment methods, e.g. Boleto or iDeal.

Adyen also supports recurring and subscription payments, so SARP 1.3 for Magento 2 provides its users with this very opportunity as well. Additionally, the new version of the extension includes the next new features:

  • Split database support (for Magento Commerce);
  • Extension activity logging;
  • General log settings;
  • Automatically suspended subscriptions if payments fail;
  • Guest checkout management improvements.

Follow Up Email 2.0: Manage, Target, Test, Improve

Why don’t your follow ups work? Of course, you know the reason better, but bet it’s something about guessing, perhaps very professional and educated, still…

Follow Up Email 2.0: Manage, Target, Test, Improve
You know that you wander in the dark vainly trying to find out the points of influence on your shopping audience to make them recover carts, send you some valuable feedback or make repeated purchases. Now you can turn the situation in your favor.

Follow Up Email 2.0 for Magento 2

Follow Up Email 2.0  is now ready to dispel the darkness and offer you a solution for easily managed, precisely targeted, comprehensively tested, and highly-efficient follow-ups.

Business Values

  • Successful new and repeat sales;
  • Effective retention of current shoppers;
  • Continuous customer relations and high brand loyalty;
  • Clear insights for performance enhancements.

MAGENTO SECURITY PATCH SUPEE-10266 RELEASED

SUPEE-10266, Magento Commerce 1.14.3.6 and Open Source 1.9.3.6 contain multiple security enhancements that help close cross-site request forgery (CSRF), unauthorized data leak, and authenticated Admin user remote code execution vulnerabilities. These releases also include fixes for issues with image reloading and payments using one-step checkout.

Patches and upgrades are available for the following Magento versions:

  • Magento Commerce 1.9.0.0-1.14.3.4: SUPEE-10266 or upgrade to Magento Commerce 1.14.3.6
  • Magento Open Source 1.5.0.0-1.9.3.4: SUPEE-10266 or upgrade to Magento Open Source 1.9.3.6

Note: SUPEE-10266 for Magento Commerce (Enterprise Edition) includes a fix for a functional issues MPERF-9685, related to checkout with a zero order amount. This fix is not included in release 1.14.3.6. However, in some cases, SUPEE-10266 can cause issues in the checkout process. Specifically, if a customer enables the Add gift options checkbox during checkout, the checkout process will not progress beyond the payments step. Magento released a fix for this issue as a new patch SUPEE-10348, that needs to be installed on top of SUPEE-10266.

There were several CVSSv3 Severity issues found which affected the Magento products. Below are the few bugs:

Issue Type: Privilege Escalation

CVSSv3 Severity

Security Bug

Description

6.7 (Medium)

RSS session admin cookie can be used to gain Magento administrator privileges.

An attacker can use a low privilege RSS session cookie to escalate privileges and gain access to the Magento Admin Portal.

 

Issue Type: Remote Code Execution (RCE)

8.2 (High)

Remote Code Execution vulnerability in CMS and layouts

A Magento administrator with limited privileges can introduce malicious code when creating a new CMS Page, which could result in arbitrary remote code execution.

5.8 (Medium)

Potential file uploads solely protected by .htaccess

An attacker can target non-Apache installations (for example, Nginx) to upload executable scripts that can be used to stage additional exploitations.

Source: Magento

It is highly recommended by Magento to deploy these new releases right away, to ensure optimal security and performance. Remember to implement and test the patch in a development environment first to confirm that it works as expected or consult a professional.

What else can be done to protect a Magento site?

Apart from installing the security patches, you can always ask Magento certified professionals to conduct a security audit every quarter to ensure that your store is secured especially if you have installed new extensions and made some changes to the site.
&nbps;

Consult our certified Magento developers, if you want to implement this security patch or have any questions regarding the Magento security SUPEE-10266 patch, please contact our support team.

Aheadworks Products Made and Updated in August

Here comes the next business year and we’d like to tell our customers about the work that have been done by our team in August.

Aheadworks Products Made and Updated in August

Today we’ll present a new product and latest extension updates of Magento 1 and Magento 2 extensions.

Marketplace Theme for Magento 2

What is the ultimate goal of any Magento store? You may say that they are multiple, and will be be just right. However, if expressed in two plain words it’s something like ‘excellent look and great performance’. And that’s exactly what the new Marketplace Theme by Aheadworks is made for.

Latest Update: Gift Card 1.2 for Magento 2

Gifting is not so easy as it may originally seem and especially in ecommerce, when you need to meet different needs of your multiple customers.

Latest Update: Gift Card 1.2 for Magento 2

That’s why we continue developing new functions and options of our Gift Card for Magento 2 extension. And, the latest Gift Card 1.2 contains the new functionality that improves both frontend shopping experience and backend configuration facilities.

Gift Card 1.2 for Magento 2

Business Value

  • Backend Promotions with Gift Cards. Using the new functionality Magento store owners are able to give gifts to their loyal and regular customers or personally greet new customers with gift cards.
  • Improved Migration and Integration. The gift code export and import options make it possible to move from Magento 1 to Magento 2 or use gift codes generated in some CRM systems or offline easily.
    Original and Recognizable Gift Codes. Custom gift codes created for different gift cards, customers or occasions make them easily recognizable for both customers and Magento admins.

Automatic Related Products 1.3 for Magento 2 with Advanced Positioning and Segmentation

Just recently we’ve updated our Automatic Related Products for Magento 2 with some useful features able to improve block positioning and shopping audience targeting.

Automatic Related Products 1.3 for Magento 2 with Advanced Targeting and Segmentation

Automatic Related Products 1.3 for Magento 2

So, what are the features that Automatic Related Products 1.3 brings to the table?

New Features List

  • Custom block position via widget;
  • Multiple blocks for a single position;
  • Magento Enterprise Segmentation support.

Business Benefits

Custom block positioning via widgets
This functionality allows you to display related product blocks at any positions in the store. Depending on your current layout, promotion goals, and customer audience specifics you can display related products on certain pages and individual positions available for Magento widgets.

Multiple blocks for one position
Now you can display several related product blocks in one place e.g. cross sells and upsells offering customers more product options to choose from. This improves the chances to show appropriate products and increase sales.

Magento Enterprise Segmentation support
Our Magento Enterprise customers can take advantage of the new dimension of targeting for related product blocks created by the extension. Not only can they diversify block positions, but also are able to display products for particular Magento customer segments, e.g. cosmetics for women, latest computer games for customers under 25, or luxury products for the customers with shopping cart subtotals over $500.

Improved Templates for Help Desk Ultimate 1.3

Just recently we’ve released a new version of the Help Desk Ultimate extension for Magento 2 stores.

Improved Templates for Help Desk Ultimate 1.3

The Help Desk Ultimate extension has a lot of automated features, including the messages about newly created tickets by customers and by agents, notifications about replies from customers and agents, messages about reassigned tickets and the changes of ticket priorities, and so on.

Help Desk Ultimate 1.3

Help Desk Ultimate 1.3 goes even farther and delivers improved email templates for the above purposes ready to be used immediately. Now, the list of AW Help Desk Ultimate templates includes:

Gift Card 1.1 for Magento 2 Delivers Gifts in Time

According to the feedback provided by our customers, Magento gift cards remain very popular among online shoppers and they ask for more and more options required for these products.

Gift Card 1.1 for Magento 2 Delivers Gifts in Time

Of course, we want merchants to provide only excellent shopping experience in their stores and recently updated our Gift Card extension for Magento 2 with some new and useful features.

Gift Card 1.1 for Magento 2

Additional Filter Options in the Gift Card Code Grid

We believe that Magento admins should have as much power in the backend as it is possible. The ideal situation is when they can get any information immediately and with no unnecessary additional actions.

Aheadworks Updates June 2017

Even though June is the beginning of the bright summer and everyone wants to take so long-awaited vacation, we also know that shopping never stops and store development should be continued no matter where our dreams soar.

Aheadworks Updates June 2017

So, with no regrets and modest gladness we’d like to present you our latest extension updates of Magento 1 and Magento 2 extensions.

Magento 2 Extension Updates

In June we updated our three Magento 2 extensions with some beneficial features.

Coupon Code Generator 1.2

Flexible Rule Priorities
Coupon Code Generator 1.2 allows Magento admins to flexibly set up rule priority or even discard further rules applicable to particular shopping carts. The ‘Priority’ option allows establishing the sequence of rules and the ‘Discard Subsequent Rules’ option deactivates further shopping cart rules with lower priorities.

MAGENTO SECURITY PATCH SUPEE-9767 RELEASED

SUPEE-9767, Enterprise Edition 1.14.3.3 and Community Edition 1.9.3.3 address several security issues.

KNOWN ISSUES:
Magento received reports that customer registration after checkout might fail if the option to ‘Enable Form Key Validation On Checkout’ is enabled. This results in customers not being registered but checking out as guests. Magento is working on updated version of the patch. As a workaround, disabling the ‘Enable Form Key Validation On Checkout’ option will revert the incorrect behavior.

Patches and upgrades are available for the following Magento versions:

  • Enterprise Edition 1.9.0.0-1.14.3.2: SUPEE-9767 or upgrade to Enterprise Edition 1.14.3.3
  • Community Edition 1.5.0.1-1.9.3.2: SUPEE-9767 or upgrade to Community Edition 1.9.3.3

There were several CVSSv3 Severity issues found which affected the Magento products. Below are the few bugs:

Issue Type: Remote Code Execution (RCE)

CVSSv3 Severity

Security Bug

Description

8.8 (High)

Remote Code Execution if the configuration setting allowing symlinks is enabled.

Use of the AllowSymlinks option in configuration settings can enable the upload of an image that contains malicious code. Although this option is disabled by default, an attacker with access to store configuration settings can enable it and remotely execute code.

8.8 (High)

Remote Code Execution in DataFlow

Magento administrators with access to DataFlow functionality can use it to upload and execute arbitrary code.

8.8 (High)

CSRF after logout – form key not invalidated

Magento does not invalidate form keys on logout, which potentially allows an attacker to execute commands as administrator after the admin logs out.

Source: Magento

It is highly recommended by Magento to deploy these new releases right away, to ensure optimal security and performance. Remember to implement and test the patch in a development environment first to confirm that it works as expected or consult a professional.

What else can be done to protect a Magento site?

Apart from installing the security patches, you can always ask Magento certified professionals to conduct a security audit every quarter to ensure that your store is secured especially if you have installed new extensions and made some changes to the site.
&nbps;

Consult our certified Magento developers, if you want to implement this security patch or have any questions regarding the Magento security SUPEE-9767 patch, please contact our support team.

Advanced Reports 2.5 for Magento 2 Focuses on Customers

The ongoing efforts we take developing our Advanced Reports extension for Magento 2 resulted in yet two new reports added to this solution. Now, the module contains 18 reports totally.

Advanced Reports 2.5 for Magento 2 Focuses on Customers

The new reports of Advanced Reports 2.5 are focused on the customer related information. Traditionally, the statistics is presented in the form of a drill-down and the Customer Sales report is the first level of your business intelligence.

Customer Sales Report

Customer Sales

Actually, the report is the first level of the customer segmentation drill-down and allows you to inspect the ranges of customers that bring sales to your store. The report consists of two sections – the grid and the bar chart.

Layered Navigation 1.6 for Magento 2: Less Filters, More Clues

Following the development roadmap we continue updating our Magento 2 extensions and here comes the next version of our Layered Navigation extension.

Layered Navigation 1.6 for Magento 2: Less Filters, More Clues

We update our products regularly, so please check the latest Magento 2 product changelogs to find the features you possibly missed. And, let us remind you that our customers take advantage of free lifetime updates, so you can improve your stores without any extra charge.

Layered Navigation 1.6

Hiding Void Filters

This feature makes the Layered Navigation filter more clear and comfortable as far as it disables the filters having only null attributes. No matter, either you start with a particular category or negate some filters during the filtration process, the module will hide the whole product attribute filter with all blank options.