3 matches found
CVE-2023-46352
In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" facebookconversiontrackingplus up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from...
CVE-2023-46352
In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" facebookconversiontrackingplus up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from...
CVE-2023-46352
In CVE-2023-46352, the Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module (PrestaShop Smart Modules) up to version 2.4.9 exposes a permissions flaw that lets a guest download exports, leaking personal data from the ps_customer table (name, surname, email). Root cause: lack of proper ac...