Unfortunately, there has been a security breach that must be immediately addressed.
Under certain circumstances it is still possible to compromise Shopware and the HotFix plugin that was previously provided. One possible threat is if a template that doesn’t derive from the Shopware standard has been completely copied.
To prevent this scenario, we created an updated version of Shopware (5.2.16) and the HotFix plugin (1.1.0). To ensure security, we strongly recommend that you install the latest version of Shopware or the most recent version of the HotFix plugin.
Please check whether you use themes or plugins that execute or overwrite the following template code. In this case, we recommend that you also make the following template adjustments in the derived template file.
You can find more information about performing the update in our Wiki article.
With any questions regarding the security update, you can reach a member of our team at 00 800 746 76260 or firstname.lastname@example.org.