PT-2025-42514

🗓️ 16 Oct 2025 00:00:00Reported by Positive TechnologiesType

ptsecurity

ptsecurity🔗 dbugs.ptsecurity.com👁 4 Views

Flaw in PrestaShop Checkout enables silent login and takeover; update to 4.4.1 and 5.0.5.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2025-61922	2 Jan 202621:00	–	circl
CNNVD	PrestaShop Checkout 授权问题漏洞	16 Oct 202500:00	–	cnnvd
CVE	CVE-2025-61922	16 Oct 202517:26	–	cve
Cvelist	CVE-2025-61922 PrestaShop Checkout allows customer account takeover via email	16 Oct 202517:26	–	cvelist
EUVD	EUVD-2025-34790	16 Oct 202519:56	–	euvd
GithubExploit	Exploit for Improper Authentication in Prestashop Prestashop_Checkout	2 Jan 202617:29	–	githubexploit
Github Security Blog	PrestaShop Checkout allows customer account takeover via email	16 Oct 202519:56	–	github
NVD	CVE-2025-61922	16 Oct 202518:15	–	nvd
OSV	CVE-2025-61922 PrestaShop Checkout allows customer account takeover via email	16 Oct 202517:26	–	osv
OSV	GHSA-54HQ-MF6H-48XH PrestaShop Checkout allows customer account takeover via email	16 Oct 202519:56	–	osv

Source	Link
twitter	www.twitter.com/autumn_good_35/status/1979228877538136412
twitter	www.twitter.com/akaclandestine/status/2007147451661107353
reddit	www.reddit.com/r/CVEWatch/comments/1r731bn/top_10_trending_cves_17022026
osv	www.osv.dev/vulnerability/GHSA-54hq-mf6h-48xh
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2025/61xxx/CVE-2025-61922.json
twitter	www.twitter.com/CCBalert/status/1979187887032672413
osv	www.osv.dev/vulnerability/CVE-2025-61922
twitter	www.twitter.com/0dayPublishing/status/1978878423377309867
github	www.github.com/PrestaShopCorp/ps_checkout/security/advisories/GHSA-54hq-mf6h-48xh
twitter	www.twitter.com/dhakal_ananda/status/2007068016186667333

17 Feb 2026 00:00Current

5.4Medium risk

Vulners AI Score5.4

CVSS 3.19.1

EPSS0.00019

SSVC

PrestaShop Checkout 4.4.1 PrestaShop Checkout 5.0.5 Silent login Account takeover Express Checkout flaw