The most popular e-commerce platform owned by eBay, Magento is once again in the news. This time for a critical Remote Code Execution (RCE) vulnerability, affecting hundreds of thousands of online merchants worldwide. If exploited, the critical vulnerability could allow a hacker to compromise completely any online store powered by Magento and gain access to credit card details and other financial as well as personal information related to the customers. Magento also released a patch (SUPEE-5344 available here) to address the vulnerability on February 9, 2015.
Source: https://thehackernews.com/2015/04/Magento-security.html