
WP e-Commerce 3.8.7.5 security release

Hi everyone!

First of all, happy new year! 2012 will be a very exciting year for WPEC users. Some big stuff is coming up for this year, but that’s for another post (we prefer to show you rather than to tell you ;) It’s going to be a pleasant surprise for sure).

Anyways, our friend Alain Schneider helped us plug a Cross Site Scripting (XSS) security hole that’s affecting all 3.8.x and 3.7.8.x installations. The severity of this issue is moderate, so we highly recommend that you upgrade to 3.8.7.5 and 3.7.8.3 respectively (by “highly recommend”, we really mean we’re begging you to upgrade; security issues are no trivial stuff!).

We would also like to thank White Fir Design for organizing the WordPress Security Bug Bounty Program. Most of our recent security fixes came out of that program, and we can’t say enough how grateful we are! It’s impressive that a company is willing to go that far to improve the quality of WordPress open source plugins. But it’s also shocking that such a program is not heavily promoted and talked about by the WordPress community. If you’re interested, head over there and participate!

How to upgrade

For 3.8.x users, you can use WordPress’ automatic upgrade feature. Or you can download the package manually, extract it and upload to wp-content/plugins.

For 3.7.8.x users, do not use automatic upgrade. Instead, download the 3.7.8.3 package here, extract it and upload to wp-content/plugins. It’s important to note that we no longer officially support 3.7.8. We recommend that you upgrade to the latest 3.8.x to enjoy all the new features and bug fixes.

We don’t want to sound like a broken record, but please back up your database and files before upgrading, just in case. In fact, you should not only do this with WP e-Commerce updates, but also with WordPress core or any other plugins’ updates.


6 Responses to WP e-Commerce 3.8.7.5 security release


  1. jamie January 8, 2012 at 3:38 am

    Hi, we are still having problems setting up the Google Checkout and would very much like someone to contact us in order to deal with this situation.

  2. citrine January 8, 2012 at 8:11 pm

    I can’t seem to change the size of the single product image in the new release: http://www.honeycomb-events.com/shop/product-category/test-2/

    For some reason it won’t update to a smaller size when I change it in the presentation settings. Is this a bug or just me? :S

  3. citrine January 8, 2012 at 9:06 pm

    It was just me… no worries

  4. SemoTech January 9, 2012 at 7:51 am

    There is an issue with WPEC whereby the price of “Related Products” shows up as “$0” instead of the actual price. The issue was traced to the “product-template.php” file in /wp-e-commerce/wpsc-includes

    Here is the fix:

    ———————–
    In file /wp-e-commerce/wpsc-includes/product-template.php

    on line 411

    This line was replaced:

    if ( ! empty( $wpsc_variations->first_variations ) ) {

    With This:

    if ( ! empty( $wpsc_variations->first_variations ) && $wpsc_variations->variation_count > 0 ) {

    In order to return the correct price for Related Items instead of $0
    ———————–

    Kindly incorporate this fix in the next release.

    Thank you.

  5. wendyn January 9, 2012 at 1:52 pm

    I upgraded WP e-Commerce but I’m still showing that my Gold Cart plugin needs to be updated. The upgrade link takes me to this page and I don’t see anywhere where I can upgrade my Gold Cart plugin.
    Could you please post the link to that upgrade please?

    Thanks!