← back
CVE-2023-30153

CVE-2023-30153

CVSS 9.8 CRITICALEPSS 0.8%
An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop, in versions 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0 and 3.7.1, allows remote attackers to execute arbitrary SQL commands via the ajax.php front controller.
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://addons.prestashop.com/en/payment-card-wallet/8795--payplug-accept-customer-payments-wherever-they-are.htmlhttps://security.friendsofpresta.org/module/2023/07/18/payplug.html