Supee-11155 has now been released.

This update offers a range of security updates that help close remote code executions (RCE), cross-site scripting (XSS), cross-site request forgery (CSRF) and other vulnerabilities.

This is an important update given the range of security issues addressed.


Patches and upgrades are available for the following Magento versions:

Magento Commerce SUPEE-11155 or upgrade to Magento Commerce

Magento Open Source SUPEE-11155 or upgrade to Magento Open Source


Full information on all changes in and releases is available in the Magento Commerce and Magento Open Source release notes.

Ideally you should have your developer apply the patches. Alternatively, please raise a ticket and Dx3webs will apply and ‘best endeavours’ basis. (Please note we will backup your site.. apply the patches and request that you check that all is well. If not the best we can do is to roll back the patches at which time you will need to seek support from your developer).