PHPackages wubinworks/module-session-reaper-patch - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. wubinworks/module-session-reaper-patch ActiveMagento2-module[Security](/categories/security) wubinworks/module-session-reaper-patch ====================================== Patch for CVE-2025-54236(a.k.a Session Reaper) which allows customer account takeover and RCE under certain conditions. This patch is actually a Magento 2 extension and universal compatible for Magento 2.3 & 2.4. If you cannot upgrade Magento or cannot apply the official hotfix, try this one. 1.0.1(6mo ago)1125OSL-3.0PHP >=7.1 Since Oct 19Compare [ Source](https://github.com/wubinworks/magento2-session-reaper-patch)[ Packagist](https://packagist.org/packages/wubinworks/module-session-reaper-patch)[ Docs](https://www.wubinworks.com/session-reaper-patch.html)[ RSS](/packages/wubinworks-module-session-reaper-patch/feed)WikiDiscussions Synced 1mo ago READMEChangelogDependencies (1)Versions (4)Used By (0) ### README not available The README for this package hasn't been synced yet. View it on [GitHub](https://github.com/wubinworks/magento2-session-reaper-patch). ### Health Score 32 — LowBetter than 72% of packages Maintenance69 Regular maintenance activity Popularity15 Limited adoption so far Community2 Small or concentrated contributor base Maturity32 Early-stage or recently created project How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~21 days Total 2 Last Release 182d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/7de965a6287fb784969afeb4b173521d3cb59c6b873b7248263abb9fc098eddd?d=identicon)[wubinworks](/maintainers/wubinworks) --- Tags securitymagento2magento 2CVE-2025-54236sessionreapervulnerabilityrcesession reapersession takeovercustomer account takeover ### Embed Badge ![Health badge](/badges/wubinworks-module-session-reaper-patch/health.svg) ``` [![Health](https://phpackages.com/badges/wubinworks-module-session-reaper-patch/health.svg)](https://phpackages.com/packages/wubinworks-module-session-reaper-patch) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M212](/packages/defuse-php-encryption)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[spatie/laravel-csp Add CSP headers to the responses of a Laravel app 8519.6M19](/packages/spatie-laravel-csp)[psecio/versionscan A PHP version scanner for reporting possible vulnerabilities 25156.4k1](/packages/psecio-versionscan)[mitnick/laravel-security laravel-mitnick helps you secure your Laravel apps by setting various HTTP headers. it can help! 8111.7k1](/packages/mitnick-laravel-security) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)