NOTE: On 4/13/17 these files were updated.
On 12/26/16, the Open Source PHPMailer project coders were informed of a security bug that could allow malicious users to send unauthorized emails out. They immediately responded with a fix and the Zen Cart Dev Team announced this fix as soon as it came out.
It is important that ALL versions of Zen Cart have this security fix installed. This security fix has been tested with all version of Zen Cart since 1.5.0. For this reason, we will ONLY install this security fix on Zen Cart versions 1.5.0 and higher.
If you are using a version older than 1.5.0, you are not just putting yourself at risk but also your customer at risk and need to upgrade to the latest version of Zen Cart.
At the VERY LEAST, each Zen Cart owner should be at version 1.5.4.