IMPORTANT Security Fix for ALL versions of Zen Cart

Article Date(s): 07/08/2014 - 12/31/2035
On July 4th, the developers of Zen Cart released a new version -1.5.3.

This version, like 1.5.1, is not PA DSS certified for the credit card industry. However, it is in the process of being certified. Once certified, it is my understanding that a new release (with new number) will come out. This could take a couple of months or longer.

Version 1.5.3 contains over 150 additions / fixes from version 1.5.1. This results in 198 CHANGED files and 12 NEW files as well as database changes.

For a detailed listing of what has changed in 1.5.3, go to the Zen Cart website here:

Some of the more interesting / needed fixes I have picked out of all of them are:

CHANGE-196 - Fix issue with Store-pickup module vs taxes
CHANGE-332 - Update PayPal WPS to prevent mistakenly entering localized country domain for accessing PayPal services (per PayPal change Q3-2012)
CHANGE-371 - Fix for checkout_shipping creating debug logs when shipping method fails to generate methods
CHANGE-386 - Fix CURL/SSL Vulnerabilities
CHANGE-435 - Set reply-to header in admin copy of order-confirmation email - to make for easier replying to customers
CHANGE-450 - Switch to SSL for contact-us form (when SSL is enabled)
CHANGE-451 - Fix canonical link handling for cases where the site operates entirely in SSL
CHANGE-484 - Quantities added to cart should adjust to stock rather than just a message
CHANGE-524 - Fix SaleMaker issues on Discount Quantity
CHANGE-527 - Add configuration-settings-search to Developers Toolkit, credit B.Bellamy,torvista (makes the search_configuration_keys plugin obsolete)
CHANGE-675 - Update country names to reflect changes in the ISO standards thru end of 2013
CHANGE-690 - Add function to do lookup of latest version of plugins

We will be using version 1.5.3 for all new installs and upgrades.

Our upgrade services can be found under Zen Cart Upgrade on our website.

Please note that modifications are not included in the upgrade price, but most are offered at 50% off when doing an upgrade. We will begin scheduling ordered upgrades immediately and will be scheduling 2 per week. Please allow 2 days for your upgrade to be completed once it has been started. As always, we schedule on a first come/pay basis. Please be sure to click the banner on the "Thank You" page when you check out, and fill out the form for Upgrade or Site Move.

If you are running version 1.3.9 of Zen Cart, it is highly recommended that you get upgraded to the latest stable version if for no other reason than security for you and your customers.

If you are at 1.5.0 or 1.5.1, you may wish to wait to upgrade until this latest version has passed PA DSS Certification - IF you are not having any issues with your shopping cart. I will be informing you once the certified version comes out.

Server Requirements: (if you are hosted with us, our server meets these requirements)

* PHP 5.2.10 to 5.6.x, Apache 2.0 to 2.4, and MySQL 4.1.3 to 5.6.x.
* Apache must be configured with AllowOverride set to either 'All' or at least both 'Limit' and 'Indexes' parameters, and preferably the 'Options' parameter as well.
* PHP must be configured to support CURL with OpenSSL

While Zen Cart® can run on Windows/IIS servers, Linux/Apache servers are recommended for best results.


Judy Gunderson

Shopping Cart

Your cart is empty.

Customer Reviews

Zen Cart Experts

After dealing with other so called "zen cart experts" Judy truly defines the word expert!!! My site has never worked faster and she did all the work...


The best money that I have ever spent. My website had been at a standstill for the past 3 months...Judy was able to take my list+ (I constantly...

Zen Cart Help?

No other place Like this one! Courtesy, knowledge, fair prices that’s Judy, she is a godsend! Thanks Judy

My Angel

My Angel

I wasted 2 weeks of my precious working time TRYING to figure out what I needed to learn to achieve my goal of moving to a new server, upgrading my...

Judy is a pleasure to do business with

I came across Judy by accident, Google actually, after having had trouble with a couple of people who were not interested in helping develop a...

Who's Online

There currently are 2 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart