CVE-2023-30153 Information

Description

An SQL injection vulnerability in the Payplug (payplug) module for PrestaShop in versions 3.6.0 3.6.1 3.6.2 3.6.3 3.7.0 and 3.7.1 allows remote attackers to execute arbitrary SQL commands via the ajax.php front controller.

Reference

https://security.friendsofpresta.org/module/2023/07/18/payplug.html https://addons.prestashop.com/en/payment-card-wallet/8795–payplug-accept-customer-payments-wherever-they-are.html