The list of Zen Cart security patches for 1.5.x+ is here:
- Notify Patch (July 2019)
- PHPMailer Patch (Dec 2016)
- Admin Privilege Escalation patches (12 May 2016)
- Trustwave patches (March 2016)
- High-Tech Bridge patches (Nov 2015)
- Curesec patch (Sept 2015)
- POODLE patches (Oct 2014)
All of these patches are included in the current release, so if you are running an older version, you should upgrade as soon as possible.
New Security Issues
If you believe you have found a security issue, please do not release your finding publicly. Instead, send reports (including proof of concept) to security [AT] zen-cart [DOT] com. The core team will review your finding and respond appropriately. See Security Reports for more information.
In your post, please include your Zen Cart and PHP versions, and a link to your site.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.