Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

PrestaShop — Vulnerabilities & Security Advisories 71

Browse all 71 CVE security advisories affecting PrestaShop. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products PrestaShop:PrestaShopproductcommentsps_linklistM4 PDF pluginblockreassurancedashproductscontactformps_facetedsearchps_socialfollowps_emailsubscriptionblockwishlistps_contactinfo
CVE IDTitleCVSSSeverityPaused
CVE-2022-31101 SQL Injection in prestashop/blockwishlist — blockwishlistCWE-89 8.1 High2022-06-27
CVE-2022-21686 Server Side Twig Template Injection in PrestaShop — PrestaShopCWE-94 9.0 Critical2022-01-26
CVE-2021-43789 Blind SQLi using Search filters in PrestaShop — PrestaShopCWE-89 7.5 High2021-12-07
CVE-2021-21418 Potential XSS injection in the newsletter conditions field — ps_emailsubscriptionCWE-79 4.6 Medium2021-03-31
CVE-2021-21398 Possible XSS injection through DataColumn Grid class — PrestaShopCWE-79 5.4 Medium2021-03-30
CVE-2021-21308 Improper session management for soft logout — PrestaShopCWE-287 6.1 Medium2021-02-26
CVE-2021-21302 CSV Injection via csv export — PrestaShopCWE-78 6.8 Medium2021-02-26
CVE-2020-26248 Blind SQL injection during the CommentGrade process — productcommentsCWE-89 6.8 Medium2020-12-03
CVE-2020-26225 Reflected XSS in PrestaShop Product Comments — productcommentsCWE-79 8.7 High2020-11-16
CVE-2020-26224 Improper Access Control in PrestaShop — PrestaShopCWE-284 7.5 High2020-11-16
CVE-2020-15162 Stored XSS in PrestaShop — PrestaShopCWE-79 5.4 Medium2020-09-24
CVE-2020-15160 Blind SQL Injection in PrestaShop — PrestaShopCWE-89 9.8 -2020-09-24
CVE-2020-15161 Potential XSS in PrestaShop — PrestaShopCWE-79 5.4 Medium2020-09-24
CVE-2020-15178 Potential XSS in PrestaShop contactform — contactformCWE-79 8.0 High2020-09-15
CVE-2020-15102 Improper access control on dashboard form in PrestaShop — dashproductsCWE-284 6.5 Medium2020-07-21
CVE-2020-4074 Improper Authentication — PrestaShopCWE-287 8.9 High2020-07-02
CVE-2020-15082 External control of configuration setting in the dashboard in PrestaShop — PrestaShop 7.1 High2020-07-02
CVE-2020-15083 Reflected XSS when uploading an image in the Product page in PrestaShop — PrestaShopCWE-79 4.7 Medium2020-07-02
CVE-2020-11074 Stored XSS in PrestaShop — PrestaShopCWE-79 5.4 Medium2020-07-02
CVE-2020-15079 Improper access control in PrestaShop — PrestaShopCWE-284 6.4 Medium2020-07-02
CVE-2020-15080 Information disclosure in release archive in PrestaShop — PrestaShopCWE-200 5.3 Medium2020-07-02
CVE-2020-15081 Information exposure in the upload directory in PrestaShop — PrestaShopCWE-548 5.3 Medium2020-07-02
CVE-2020-5286 Reflected XSS related in import page in PrestaShop — PrestaShopCWE-79 4.1 Medium2020-04-20
CVE-2020-5287 Improper access control on customers search in PrestaShop — PrestaShopCWE-284 4.1 Medium2020-04-20
CVE-2020-5288 Improper access control on product attributes page in PrestaShop — PrestaShopCWE-284 4.1 Medium2020-04-20
CVE-2020-5293 Improper access control on product page with combinations, attachments and specific prices in PrestaShop — PrestaShopCWE-284 6.5 Medium2020-04-20
CVE-2020-5271 Reflected XSS with dashboard calendar of PrestaShop — PrestaShopCWE-79 4.1 Medium2020-04-20
CVE-2020-5272 Reflected XSS on Search page of PrestaShop — PrestaShopCWE-79 4.1 Medium2020-04-20
CVE-2020-5276 Reflected XSS on AdminCarts page of PrestaShop — PrestaShopCWE-79 4.1 Medium2020-04-20
CVE-2020-5278 Reflected XSS on Exception page of PrestaShop — PrestaShopCWE-79 4.1 Medium2020-04-20

This page lists every published CVE security advisory associated with PrestaShop. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.