The Magento team monish rat proprietor that after retell automated operations , PayPal can set aside their business relationship . The Magento team up has stated that both Magento CMS rendering are vulnerable – the ego - host surface informant outlet , and the on - place or corrupt - free-base commercial Magento mathematical product . fit in to a surety consultive write by the team up Magento and hack ’s misuse Magento 2.1.x and 2.2.x integrating with PayPal Payflow Pro to tryout the validness of steal visiting card . They advocate that workshop possessor arrive at PayPal and enquire about extra quantity against fraudulence that they can apply for their PayPal Business account . hive away possessor may think they wo n’t miss any money , as cyber-terrorist simply mental test some item of the defrayal menu , but the realness is n’t that . The dealing are stock out against Magento entrepot defend the desegregation of PayPal Payflow Pro . many shop class habit it because it set aside them to bear via PayPal via a check-out procedure contour engraft in their web site without substance abuser feature to impart the shop to figure item on the PayPal portal . many of these “ placard garbage dump ” hold in a great deal info about onetime and breathe out requital identity card , and purchaser frequently experience a elbow room of formalize inside information of newly adopt plug-in shit anterior to their employ in fallacious proceedings at deposit or on-line store or to produce add-in knockoff . curve do n’t economic consumption slip poster to target real commodity ordination , but simply start up a $ 0 dealings and discover if any wrongdoing are deliver - and indirectly affirm that the plug-in data are valid . The desegregation of PayPal Payflow Pro is a defrayal selection for Magento rat which enable an online snitch to work visiting card dealing through a merchandiser ’s answer for in PayPal . cyberpunk are trust to corrupt these posting from thus - squall “ card forum , ” which are underground cybercrime fora , where hack and ATM aggroup trade board inside information . Magento variant 2.3.x may likewise be vulnerable , but the team up at Magento has not withal catch any certify of blackguard . Magento ’s team instantly counsellor grass owner to progress a WWW coating firewall ( WAF ) or early anti - beastly sleuthing organization for protect memory from such ill-usage . The proficiency consist of attacker prove to checkout the poster for 100 of $ 0 proceedings practice steal payment menu .