Platform: php
Component: prestashop/ps_checkout
Fixed in: 1.3.1, 4.4.1, 5.0.1
CVE-2025-61922 is a critical vulnerability in the ps_checkout module for PrestaShop. The module's Express Checkout flow lets a request log a customer in silently, without that customer's credentials, so an attacker can take over customer accounts together with the personal data and payment options attached to them. The fix is shipped in ps_checkout 1.3.1, 4.4.1 and 5.0.1, one per maintained release branch of the module (the module is offered for PrestaShop 1.7, 8 and 9); every release of a branch below its fixed version is affected.
The root cause is missing validation in the Express Checkout flow of ps_checkout: a crafted request is accepted as an authenticated customer session although no password or other proof of identity has been checked, so the attacker ends up logged in as the targeted customer. The takeover is driven by the victim's e-mail address, so knowing a customer's e-mail is enough to target that account. Once logged in, the attacker can read and change personal data and addresses, place fraudulent orders, use payment details stored on the account, and pivot to any connected system that trusts the PrestaShop customer session. The blast radius is every customer account on a vulnerable store where the module is active, and it scales with the size of the customer base rather than with any privilege level: Express Checkout is a front-office feature, so the accounts at risk are customer accounts, not back-office employee accounts.
CVE-2025-61922 was publicly disclosed on October 16, 2025. No exploitation campaign has been publicly confirmed, the vulnerability is not listed in CISA KEV, and its EPSS score at the time of writing is 0.01% (3rd percentile). That low score reflects the absence of observed exploitation, not difficulty: an unauthenticated customer account takeover in the payment module of a widely deployed e-commerce platform is the kind of bug for which public proof-of-concept code tends to appear, so treat exploitation as likely and patch on the disclosure timeline rather than waiting for a KEV entry.
PrestaShop stores (1.7, 8 or 9) with the ps_checkout module installed at a version below the fixed release of its branch (1.3.1, 4.4.1 or 5.0.1). Stores with Express Checkout enabled are directly exposed; stores that have the module installed but the feature switched off should still upgrade, since disabling the feature is only a stopgap. Shared or multi-tenant hosting changes nothing about the vulnerability itself; the risk is the same on every vulnerable installation.
• php: Locate the module directory and read its version from the module's own config.xml (the <version> element) or from the $this->version assignment in ps_checkout.php:
find /var/www/prestashop/modules -maxdepth 1 -name ps_checkout -print
grep '<version>' /var/www/prestashop/modules/ps_checkout/config.xml
• php: Do not look for the module version in config/defines.inc.php; that file only defines the core _PS_VERSION_ constant. The installed module version is also recorded in the ps_module table (name and version columns, default table prefix ps_), which is the authoritative value when filesystem and database disagree after a failed upgrade.
• generic web: Monitor the access logs for POST requests to the ps_checkout front controllers (pretty URLs under /module/ps_checkout/ or query strings containing fc=module&module=ps_checkout) that come from one client across many different customer e-mail addresses, and correlate customer logins with the absence of a preceding password authentication.
• generic web: Review PrestaShop's error logs for errors related to authentication or Express Checkout.
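The filesystem checks above give you a version string but not a verdict, and the verdict depends on the branch: the fix is shipped as 1.3.1, 4.4.1 and 5.0.1, and a plain string compare misorders versions such as 4.10.0 and 4.9.0. The POSIX shell script below is an added example written for this page, not code from PrestaShop, the ps_checkout project or the advisory. It assumes the module version can be read from modules/ps_checkout/config.xml (PrestaShop modules carry a <version> element there) and takes the module directory as an argument; the config.xml it creates is constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not PrestaShop or ps_checkout code): decide whether an
# installed ps_checkout is below the fixed release of its branch, using the
# versions from the "Fixed in" field on this page (1.3.1, 4.4.1, 5.0.1).
# Assumption: the version is readable from DIR/config.xml in the module dir.

# Fixed release for a ps_checkout major branch. Prints nothing for a branch
# the advisory does not list (2.x, 3.x), so the caller can flag it as unknown.
fixed_for_branch() {
  case "$1" in
    1) echo 1.3.1 ;;
    4) echo 4.4.1 ;;
    5) echo 5.0.1 ;;
    *) echo "" ;;
  esac
}

# version_part VERSION N: the N-th dotted component of VERSION, 0 when absent.
# A suffix such as "-rc1" is dropped first, then ".0.0" is appended so that
# cut always sees enough fields (otherwise it echoes the whole line back).
version_part() {
  p=$(printf '%s\n' "$1" | sed 's/[^0-9.].*//; s/$/.0.0/' | cut -d. -f"$2")
  printf '%s\n' "${p:-0}"
}

# version_lt A B: succeeds when A sorts before B numerically, component by
# component (so 4.10.0 is newer than 4.9.0, which a string compare gets wrong).
version_lt() {
  i=1
  while [ "$i" -le 3 ]; do
    a=$(version_part "$1" "$i")
    b=$(version_part "$2" "$i")
    if [ "$a" -lt "$b" ]; then return 0; fi
    if [ "$a" -gt "$b" ]; then return 1; fi
    i=$((i + 1))
  done
  return 1   # equal versions are not "less than"
}

# ps_checkout_status VERSION: prints "vulnerable", "fixed" or "unknown-branch".
ps_checkout_status() {
  fixed=$(fixed_for_branch "$(version_part "$1" 1)")
  if [ -z "$fixed" ]; then
    echo unknown-branch
  elif version_lt "$1" "$fixed"; then
    echo vulnerable
  else
    echo fixed
  fi
}

# module_version DIR: the version string from DIR/config.xml, with or
# without the CDATA wrapper PrestaShop modules usually put around it.
module_version() {
  f="$1/config.xml"
  [ -r "$f" ] || { echo "no readable config.xml under $1" >&2; return 1; }
  sed -n 's/<!\[CDATA\[//; s/.*<version>\([0-9][0-9.]*\).*/\1/p' "$f" | head -n 1
}

# Constructed sample module directory so the script runs offline; on a real
# host pass /var/www/prestashop/modules/ps_checkout to module_version instead.
sample=$(mktemp -d)
cat > "$sample/config.xml" <<'EOF'
<?xml version="1.0" encoding="UTF-8" ?>
<module>
  <name>ps_checkout</name>
  <displayName><![CDATA[PrestaShop Checkout]]></displayName>
  <version><![CDATA[4.3.0]]></version>
</module>
EOF
v=$(module_version "$sample")
printf 'ps_checkout %s: %s (fixed in %s)\n' \
  "$v" "$(ps_checkout_status "$v")" "$(fixed_for_branch "$(version_part "$v" 1)")"
rm -rf "$sample"
```

Cross-check the result against the version column of the ps_module table, since the database row is what PrestaShop actually loads; a 2.x or 3.x result comes back as unknown-branch on purpose, because this page lists no fixed release for those branches and the decision then has to come from the vendor advisory rather than from a guess.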
Exploit status: disclosure
EPSS: 0.01% (percentile 3%)
CISA SSVC: none listed
CVSS vector: none listed
The primary mitigation for CVE-2025-61922 is to upgrade ps_checkout to the fixed release of its branch: 1.3.1, 4.4.1 or 5.0.1, or any later release. If the upgrade cannot be done immediately, temporarily disable the Express Checkout feature in the module's configuration to remove the exposed flow. A Web Application Firewall that inspects HTTP requests can block traffic to the Express Checkout endpoint in the meantime, but it is a compensating control, not a fix, and it has to be tuned against the store's legitimate checkout traffic. Review PrestaShop's security best practices and keep the other installed modules current to reduce the overall attack surface. After the upgrade, confirm the fix by running an Express Checkout with a test customer account and verifying that the session is only established after a genuine authentication, and review customer address changes and Express Checkout orders placed since the disclosure date for anything the customers did not initiate.
Update the ps_checkout module to version 1.3.1, 4.4.1 or 5.0.1 (or later, according to the branch you run). This fixes the missing validation in the Express Checkout feature that allows account takeover via a customer's e-mail address. The update can be done from the PrestaShop administration panel.
CVE-2025-61922 is a critical vulnerability in the PrestaShop ps_checkout module that allows an attacker to log in as a customer through the Express Checkout flow without authenticating, and so to take over customer accounts.
You are affected if you run PrestaShop with ps_checkout at a version below the fixed release of its branch (below 1.3.1, below 4.4.1, or below 5.0.1). Upgrade to a patched version to mitigate the risk.
Upgrade the ps_checkout module to 1.3.1, 4.4.1 or 5.0.1 (or any later release of the branch you use).
No active exploitation campaign has been publicly confirmed and the EPSS score is low, but an unauthenticated account takeover in a payment module is a high-value target, so treat exploitation as likely and patch promptly.
Refer to the official PrestaShop security advisory for detailed information and updates: [https://security.prestashop.com/](https://security.prestashop.com/)