Under certain circumstances it is possible to execute an authorized foreign code in Shopware. This is a security vulnerability that could affect the entire system. All Shopware versions including Shopware 5.2.24 are affected. It is imperative that security updates be performed for every Shopware shop. Our current software version 5.2.25 already contains the required security update. You can upgrade to the new version 5.2.25 using the auto-update function in your backend or by downloading the release from our download page.
We strongly recommend to update to the latest version of Shopware (5.2.25). This version will fix these vulnerabilities. You can use the auto-update process or simply download the version over our download page.
This is a general security plugin. In the future potential security gaps can be fixed by updating this plugin. Although it is always recommended to update to the latest patchversion of Shopware.