The list of Zen Cart security patches for 1.5.x+ is here:
- Patch for 1.5.7/1.5.7a (November 2020)
- Notify Patch (July 2019)
- PHPMailer Patch (Dec 2016)
- Admin Privilege Escalation patches (12 May 2016)
- Trustwave patches (March 2016)
- High-Tech Bridge patches (Nov 2015)
- Curesec patch (Sept 2015)
- POODLE patches (Oct 2014)
All of these patches are included in the current release, so if you are running an older version, you should upgrade as soon as possible.
Getting Notified of Security Updates
Subscribing to release announcements is a great way to stay informed about new releases and security updates.
New Security Issues
If you believe you have found a security issue, please do not release your finding publicly; instead, follow the security reporting protocol.