Security has been greatly improved and tightened in v1.5.0 so that unauthorized scripts (ie: things running without logging in) can't damage the cart.
All admin scripts which change data must properly use form POSTs instead of GETs and must have a valid securityToken in them, which is only available to logged-in user sessions.
You will need to update your scripts accordingly.


Reply With Quote
