If you are running a legacy Magento 1.9 store, security experts recommend the following actions:

Magento 1.9.0.0 is over 10 years old and highly insecure.

Authenticated Remote Code Execution (RCE).

Critical Magento Flaws Expose Sites to Takeover - SecurityWeek

The Magento 1.9.0.0 exploit is a stark reminder of the importance of keeping your e-commerce platform and related software up-to-date. Security is an ongoing process that requires attention to updates, patches, and best practices. If you're running an outdated version of Magento, prioritize migration or patching to protect your business and customers.