Vulnerabilities > Prestashop > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-47109 | Unspecified vulnerability in Prestashop Customer Reassurance Block PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. | 8.1 |
| 2023-08-07 | CVE-2023-39528 | Path Traversal vulnerability in Prestashop PrestaShop is an open source e-commerce web application. | 8.6 |
| 2023-05-04 | CVE-2023-30282 | Unspecified vulnerability in Prestashop Scexportcustomers PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. | 7.5 |
| 2023-04-25 | CVE-2023-30839 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 8.8 |
| 2023-03-14 | CVE-2023-25206 | SQL Injection vulnerability in Prestashop Advanced Reviews PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection. | 8.8 |
| 2023-03-13 | CVE-2023-25170 | Cross-Site Request Forgery (CSRF) vulnerability in Prestashop PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). | 8.8 |
| 2023-03-06 | CVE-2023-24763 | SQL Injection vulnerability in Prestashop XEN Forum In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0. | 8.8 |
| 2022-06-27 | CVE-2022-31101 | SQL Injection vulnerability in Prestashop Blockwishlist 2.0.0/2.0.1/2.1.0 prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. | 8.8 |
| 2022-01-26 | CVE-2022-21686 | Code Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce platform. | 7.5 |
| 2021-12-07 | CVE-2021-43789 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 7.5 |