CVE-2023-45381

CVE-2023-45381

EPSS 0.5%

In the module "Creative Popup" (creativepopup) up to version 1.6.9 from WebshopWorks for PrestaShop, a guest can perform SQL injection via `cp_download_popup().`

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://addons.prestashop.com/fr/pop-up/39348-creative-popup.html https://security.friendsofpresta.org/modules/2023/10/19/creativepopup.html