Highlight features and changes:
• Multi-store support.
• Multi-vendor support.
• Performance optimization.
• Search engine optimization. Rich snippets support added, etc.
• A lot of HTML and CSS refactoring. Thanks a lot to www.nop-templates.com for this contribution.
To see the full list of fixes and changes please visit the release notes page. By the way, nopCommerce is the first and the only open-source ecommerce solution which has multi-store and multi-vendor support available out of the box. We would really appreciate it if you could share this great news with your friends or colleagues (if you have a site or social network page, please write about us).
We also fixed a critical security issue. The security vulnerability affects all 2.X versions of nopCommerce. We won’t share the issue details because people need a chance to update or fix their installations. The upgrade is HIGHLY recommended. If you don’t have an opportunity to upgrade to version 3.00, then please follow the next steps to fix your 2.X version. Open web.config file in the root of your site and remove the following three lines of code:
<add verb="GET,HEAD" path="asset.axd" validate="false" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" />
<remove name="asset" />
<add name="asset" preCondition="integratedMode" verb="GET,HEAD" path="asset.axd" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" />
As you can see it was caused by a third-party library (Telerik MVC Extensions), but we apologize for the inconvenience that this security vulnerability has caused.
UPDATE: If you downloaded nopCommerce 3.00 on May 4th - May 15th (the first 12 days after the release), then please re-download the package. Several issues have been fixed. Please find more info about them here, here, here and here. You can simply apply the changesets described in these topics if you do not want to re-download the entire package