Known Vulnerabilities for products from Prestashop

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Prestashop".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-33674 json PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 improperly use the validation fram... Not Provided 2026-03-26 2026-04-01
CVE-2026-33673 json PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Sit... Not Provided 2026-03-26 2026-04-01
CVE-2025-62945 json Not Provided 2025-10-27 2026-04-27
CVE-2024-30511 json Not Provided 2024-03-29 2026-04-28
CVE-2024-24837 json Not Provided 2024-02-21 2026-04-28
CVE-2024-21628 json 6.1 - MEDIUM 2024-01-02 2024-01-08
CVE-2024-21627 json 6.1 - MEDIUM 2024-01-02 2024-01-08
CVE-2023-48926 json 5.3 - MEDIUM 2024-01-16 2024-01-23
CVE-2023-47110 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 5.3 - MEDIUM 2023-11-09 2023-11-15
CVE-2023-47109 json PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the st... 8.1 - HIGH 2023-11-08 2023-11-16
CVE-2023-43664 json PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all mo... 4.3 - MEDIUM 2023-09-28 2023-10-03
CVE-2023-43663 json PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from ... 4.3 - MEDIUM 2023-09-28 2023-10-03
CVE-2023-39530 json PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the serv... 9.1 - CRITICAL 2023-08-07 2023-08-09
CVE-2023-39529 json PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the ser... 9.1 - CRITICAL 2023-08-07 2023-08-09
CVE-2023-39528 json PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be use... 8.6 - HIGH 2023-08-07 2023-08-09
CVE-2023-39527 json PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross... 6.1 - MEDIUM 2023-08-07 2023-08-09
CVE-2023-39526 json PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remot... 9.8 - CRITICAL 2023-08-07 2023-08-09
CVE-2023-39525 json PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised... 9.1 - CRITICAL 2023-08-07 2023-08-10
CVE-2023-39524 json PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search... 9.8 - CRITICAL 2023-08-07 2023-08-10
CVE-2023-36263 json Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontControl... 9.8 - CRITICAL 2023-10-31 2023-11-08
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Prestashop

Type Vendor Product Version
ApplicationPrestashopContactform1.0.1
ApplicationPrestashopCorreos Express1.6
ApplicationPrestashopDashboard Products-
ApplicationPrestashopEbay Module-
ApplicationPrestashopFaceted Search Module1.0.0
ApplicationPrestashopPrestashop-
ApplicationPrestashopPrestashop Link1.0.4
ApplicationPrestashopPrestashop Linklist1.0.4
ApplicationPrestashopPrestashop Socialfollow1.0.0
ApplicationPrestashopProductcomments3.6.0
ApplicationPrestashopProduct Comments3.6.0