The Zen Cart development team has been notified by Trustwave (a PCI Compliance scanning company) that there are possible multiple security vulnerabilities in Zen Cart Admin.  The majority of these vulnerabilities were XSS and/or reflected XSS vulnerabilities.

The developers have released a fix for this which can be found on their website.

This security patch is NECESSARY for ALL Zen Cart versions 1.5.0, 1.5.1, 1.5.2, 1.5.3 and 1.5.4.  If you are upgrading to version 1.5.5 you do not need to order this patch.