MidnightBSD

Advisories for cleanpresta

CVE-2024-25845

In the module "CD Custom Fields 4 Orders" (cdcustomfields4orders) <= 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injection in affected versions.

Products Affected

Vendor Product Version
cleanpresta cd_custom_fields_4_orders *