VirtueMart access control bypass

Description
  • A critical vulnerability was reported to the VirtueMart team. This vulnerability could be used by a malicious user to easily gain Super-Admin privileges on your website. The bug was patched and the version 2.6.10 (stable version) and 2.9.9b (in RC state) fixes this issue.
Remediation
  • Upgrade to the latest version of VirtueMart for Joomla! (this issue was fixed in v2.6.10).
References