9.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
33.0%
In the module “Creative Popup” (creativepopup) up to version 1.6.9 from WebshopWorks for PrestaShop, a guest can perform SQL injection via cp_download_popup().
cp_download_popup().
addons.prestashop.com/fr/pop-up/39348-creative-popup.html
security.friendsofpresta.org/modules/2023/10/19/creativepopup.html