prestashop/ps_checkout Security Advisories for v2.15.4 (4)
-
[LOW] ps_checkout allows unauthorized method invocation through unvalidated parameter
PKSA-vdq5-bx4j-ybb1 GHSA-mqq7-wxx5-mp8h
Affected version: <5.3.0
Reported by:
GitHub -
[LOW] PrestaShop Checkout Target PayPal merchant account hijacking from backoffice
PKSA-2hfz-bts5-gnys CVE-2025-61924 GHSA-wvpg-4wrh-5889
Affected version: >=5.0.0,<5.0.5|<4.4.1
Reported by:
GitHub -
[MEDIUM] PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure
PKSA-4wgy-szzb-yy2d CVE-2025-61923 GHSA-fpxp-pfqm-x54w
Affected version: >=5.0.0,<5.0.5|<4.4.1
Reported by:
GitHub -
[CRITICAL] PrestaShop Checkout allows customer account takeover via email
PKSA-vkh4-53ww-nks1 CVE-2025-61922 GHSA-54hq-mf6h-48xh
Affected version: >=1.3.0,<4.4.1|>=5.0.0,<5.0.5
Reported by:
GitHub