Known Vulnerabilities for products from PrestaShop
Listed below are 20 of the newest known vulnerabilities associated with the vendor "PrestaShop".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33674 json | PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation fram... | Not Provided | 2026-03-26 | 2026-04-01 |
| CVE-2026-33673 json | PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Sit... | Not Provided | 2026-03-26 | 2026-04-01 |
| CVE-2024-21628 json | 6.1 - MEDIUM | 2024-01-02 | 2024-01-08 | |
| CVE-2024-21627 json | 6.1 - MEDIUM | 2024-01-02 | 2024-01-08 | |
| CVE-2023-48926 json | 5.3 - MEDIUM | 2024-01-16 | 2024-01-23 | |
| CVE-2023-47110 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2023-11-09 | 2023-11-15 |
| CVE-2023-47109 json | PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the st... | 8.1 - HIGH | 2023-11-08 | 2023-11-16 |
| CVE-2023-43664 json | PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all mo... | 4.3 - MEDIUM | 2023-09-28 | 2023-10-03 |
| CVE-2023-43663 json | PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from ... | 4.3 - MEDIUM | 2023-09-28 | 2023-10-03 |
| CVE-2023-39530 json | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the serv... | 9.1 - CRITICAL | 2023-08-07 | 2023-08-09 |
| CVE-2023-39529 json | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the ser... | 9.1 - CRITICAL | 2023-08-07 | 2023-08-09 |
| CVE-2023-39528 json | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be use... | 8.6 - HIGH | 2023-08-07 | 2023-08-09 |
| CVE-2023-39527 json | PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross... | 6.1 - MEDIUM | 2023-08-07 | 2023-08-09 |
| CVE-2023-39526 json | PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remot... | 9.8 - CRITICAL | 2023-08-07 | 2023-08-09 |
| CVE-2023-39525 json | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised... | 9.1 - CRITICAL | 2023-08-07 | 2023-08-10 |
| CVE-2023-39524 json | PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search... | 9.8 - CRITICAL | 2023-08-07 | 2023-08-10 |
| CVE-2023-36263 json | Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontControl... | 9.8 - CRITICAL | 2023-10-31 | 2023-11-08 |
| CVE-2023-33777 json | An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal att... | 5.3 - MEDIUM | 2023-07-25 | 2023-07-31 |
| CVE-2023-31672 json | In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability. | 9.8 - CRITICAL | 2023-06-15 | 2023-06-24 |
| CVE-2023-31508 json | ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2020-15178. Reason: This record is a duplicate of CVE-2020-15178. No... | Not Provided | 2023-05-11 | 2023-11-07 |
Known software with vulnerabilities from PrestaShop
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Prestashop | Contactform | 1.0.1 |
| Application | Prestashop | Correos Express | 1.6 |
| Application | Prestashop | Dashboard Products | - |
| Application | Prestashop | Ebay Module | - |
| Application | Prestashop | Faceted Search Module | 1.0.0 |
| Application | Prestashop | Prestashop | - |
| Application | Prestashop | Prestashop Link | 1.0.4 |
| Application | Prestashop | Prestashop Linklist | 1.0.4 |
| Application | Prestashop | Prestashop Socialfollow | 1.0.0 |
| Application | Prestashop | Productcomments | 3.6.0 |
| Application | Prestashop | Product Comments | 3.6.0 |