Описание
PrestaShop Checkout allows customer account takeover via email
Impact
Missing validation on Express Checkout feature allows silent log-in
Affected versions
The issue was introduced in PrestaShop Checkout 1.3.0 .
All versions above 1.3.0 are vulnerable except of course the patch versions published on 16/10/2025: 7.4.4.1, 8.4.4.1, 7.5.0.5, 8.5.0.5, 9.5.0.5
Patches
The problem has been patched in versions
- v4.4.1 for PrestaShop 1.7 (build number: 7.4.4.1)
- v4.4.1 for PrestaShop 8 (build number: 8.4.4.1)
- v5.0.5 for PrestaShop 1.7 (build number: 7.5.0.5)
- v5.0.5 for PrestaShop 8 (build number: 8.5.0.5)
- v5.0.5 for PrestaShop 9 (build number: 9.5.0.5)
Read our Versioning policy to learn more about our build numbers and versions of PrestaShop Checkout
Credits
We would like to thank Léo CUNÉAZ for reporting the issue.
Пакеты
prestashop/ps_checkout
>= 1.3.0, < 4.4.1
4.4.1
prestashop/ps_checkout
>= 5.0.0, < 5.0.5
5.0.5
Связанные уязвимости
PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known workarounds exist.