[LOW] PrestaShop Checkout Target PayPal merchant account hijacking from backoffice

PKSA-2hfz-bts5-gnys CVE-2025-61924 GHSA-wvpg-4wrh-5889

Affected version: >=5.0.0,<5.0.5|<4.4.1

Reported by:
GitHub

[MEDIUM] PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure

PKSA-4wgy-szzb-yy2d CVE-2025-61923 GHSA-fpxp-pfqm-x54w

Affected version: >=5.0.0,<5.0.5|<4.4.1

Reported by:
GitHub

[CRITICAL] PrestaShop Checkout allows customer account takeover via email

PKSA-vkh4-53ww-nks1 CVE-2025-61922 GHSA-54hq-mf6h-48xh

Affected version: >=1.3.0,<4.4.1|>=5.0.0,<5.0.5

Reported by:
GitHub