Compliance of the Ap Page Builder module

A correction has been made to the Ap Page Builder module, following a security alert.

Module installed on your store

If you have installed this module on your store, we strongly encourage you to update it to its latest version (4.0.0). To do this, you can:

• Either download the latest version of the module on the Marketplace and upload the zip file via the module manager in your back office: https://addons.prestashop.com/page-customization/20111-ap-page-builder.html
• Or update the module directly from your back office, if you have correctly linked your store to your PrestaShop account.

Module integrated into a template

If the Ap Page Builder module is integrated into a template installed on your store, you will then need to modify certain lines directly in the module file.

Log in to your server via FTP and find the following file: appagebuilder/classes/shortcodes/ApProductList.php

Then, 2 lines need to be modified in this file to apply the patch:

Line 428

Old version (vulnerable)

$apPConfig['product_item_path'] = $assign['product_item_path'];

New version (patched)

Context::getContext()->cookie->{'productItemPathApProductList_'.$assign['formAtts']['form_id']} = $assign['product_item_path'];

Line 457

Old version (vulnerable)

$assign['product_item_path'] = $input->product_item_path;

New version (patched)

$assign['product_item_path'] = Context::getContext()->cookie->{'productItemPathApProductList_'.$input->form_id};

Please note: The alert message indicating that the module needs to be corrected is conditional on the version of the module, the most recent being 4.0.0. It is therefore possible that it remains displayed, even once the patch has been applied and is functional. If you do not have the possibility to update the module to its latest version, then you can modify the version number in the module file itself. At the line this->version = '3.0.0', replace the 3 with a 4.