Allows administrators to change customer passwords directly from the customer edit page in the admin panel. Includes a command-line interface for password updates.
No Errors in Security & Compliance
These modules have no PHPCS errors (warnings OK), pass PHPStan, and build correctly.
This extension addresses the Cookie SameSite attribute issue present since Chrome 80.
CLI tool that inspects and reports the Content-Security-Policy headers generated for a given Magento URL and policy, making CSP values easier to review than digging through the browser.
Implements the EU right of withdrawal (Directive (EU) 2023/2673) with a clearly visible withdrawal button, letting customers withdraw from purchase contracts from their account or via a guest search form, with deadline calculation, confirmation emails, and a full admin overview of withdrawals.
Provides Hyva-compatible frontend templates (Tailwind CSS and Alpine.js) for the Withdrawal Button module, replacing its Luma/Knockout/RequireJS templates so the EU right-of-withdrawal workflow renders correctly on Hyva storefronts.
Strips SQL keywords, statement terminators and comment markers from storefront search queries via a QueryFactory plugin as a defense-in-depth layer, logging every sanitization event for auditing.
Extends Magento's native reCAPTCHA to integrate Google reCAPTCHA Enterprise using the official Google Cloud PHP client, with admin configuration for the Cloud project ID and service-account credentials.
Adds CLI commands to toggle all CAPTCHA and reCAPTCHA settings on or off, with an option to also disable or re-enable Magento's two-factor authentication module.
Security hardening package bundling defensive mitigations that block file-type custom option uploads via the Web API (PolyShell / APSB25-94) and patch the frontend SessionReaper vulnerability.
Mitigates the PolyShell unrestricted file upload vulnerability in the Magento REST API by enforcing an image-only extension allowlist on custom option file uploads. Blocks executable file uploads at both the validator and uploader level.
Automatically scans and removes malware files from the Magento media directory every 15 minutes, protecting the store from uploaded malicious files.
Mitigates PolyShell-style file upload abuse by blocking file custom option uploads and restricting allowed extensions to images only. Includes a CLI command to scan and clear suspicious files from the custom_options media directory.