CNNVD-202510-2314 Information

CNNVD ID

CNNVD-202510-2314

Related CVE

CVE-2025-61924

• CNNVD Published: 2025-10-16

Description (Chinese)

PrestaShop Checkout是PrestaShopCorp开源的一个结账支付模块。 PrestaShop Checkout 4.4.1之前版本和5.0.5之前版本存在安全漏洞，该漏洞源于错误使用PHP array_search函数，可能导致PayPal商家账户劫持。

Description (English)

PrestaShop Checkout is a closing payment module for PrestaShopCorp. PrestaShop Checkout 4.4.1 has a security loophole, which stems from the incorrect use of the PHP array search function, which could lead to the hijacking of PayPal’s account.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PrestaShopCorp

Published

2025-10-16

Last Modified

2026-02-24

References

https://github.com/PrestaShopCorp/ps_checkout/security/advisories/GHSA-wvpg-4wrh-5889 https://access.redhat.com/security/cve/cve-2025-61924

Patch

https://github.com/PrestaShopCorp/ps_checkout/releases