CVE-2025-61924: CWE-184: Incomplete List of Disallowed Inputs in PrestaShopCorp ps_checkout
PrestaShop Checkout is the official PrestaShop payment module, built in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the PayPal merchant account can be hijacked from the backoffice due to wrong usage of PHP's array_search(). The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known workarounds exist.
AI Analysis
Technical Summary
CVE-2025-61924 is a vulnerability in ps_checkout, the official PrestaShop payment module that integrates PayPal payment processing. The issue stems from an incomplete list of disallowed inputs caused by incorrect usage of PHP's array_search() function in the module's code. This improper input validation allows an attacker with backoffice access, that is, administrative privileges on the PrestaShop backend, to manipulate the PayPal merchant account configuration and hijack the merchant account, potentially redirecting payments or intercepting funds. The vulnerability affects ps_checkout versions prior to 4.4.1 and versions from 5.0.0 up to but not including 5.0.5. The flaw is classified as CWE-184 (Incomplete List of Disallowed Inputs), which denotes insufficient filtering or validation of input data. Exploitation requires no user interaction but does require high privileges, limiting the attack surface to insiders or compromised administrative accounts. The CVSS 3.1 base score is 3.8, reflecting low severity due to the privilege requirement and limited impact scope. No exploits have been reported in the wild, and no workarounds exist other than upgrading to the patched versions 4.4.1 or 5.0.5. The vulnerability primarily threatens the confidentiality and integrity of payment processing data, risking financial fraud and loss of merchant trust.
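The advisory names the mechanism (wrong usage of array_search()) but not the affected code. As an added illustration that is not code from ps_checkout or from this advisory, the hypothetical PHP deny-list check below shows the two array_search() pitfalls that typically produce CWE-184 behaviour: treating the returned key as a boolean, so the entry at key 0 is silently never matched, and relying on loose comparison. The constant DENIED_MERCHANT_IDS, the function names and the sample identifiers are constructed assumptions.

```php
<?php
declare(strict_types=1);

// Illustrative deny-list check, not code from ps_checkout. It demonstrates the
// two classic array_search() mistakes that yield CWE-184 behaviour: using the
// returned key as a boolean, and relying on loose (==) comparison.

// Constructed sample: identifiers that must never be accepted as the
// merchant account. Note that the first entry sits at key 0.
const DENIED_MERCHANT_IDS = ['MERCHANT-BLOCKED-A', 'MERCHANT-BLOCKED-B', '100'];

/**
 * Buggy check. array_search() returns the matching key, or false when there
 * is no match. Key 0 is falsy, so the first denied entry is never rejected:
 * the deny list is effectively one item shorter than it looks.
 * Without the strict flag, '1e2' == '100' is also true (numeric strings),
 * so membership is decided by loose comparison rather than identity.
 */
function isAllowedBuggy(string $merchantId): bool
{
    if (array_search($merchantId, DENIED_MERCHANT_IDS)) {
        return false; // believed to be on the deny list
    }
    return true;
}

/**
 * Fixed check: compare the result with false using !==, and pass
 * strict = true so that only an identical string counts as a match.
 */
function isAllowedFixed(string $merchantId): bool
{
    return array_search($merchantId, DENIED_MERCHANT_IDS, true) === false;
}

/**
 * Runs both checks over constructed inputs and returns the verdicts,
 * keyed by input, so the two behaviours can be compared side by side.
 */
function compareChecks(): array
{
    $inputs = [
        'MERCHANT-BLOCKED-A', // key 0: slips through the buggy check
        'MERCHANT-BLOCKED-B', // key 1: rejected by both
        '100',                // exact match: rejected by both
        '1e2',                // loose match only: verdicts differ
        'MERCHANT-OK',        // not listed: accepted by both
    ];
    $result = [];
    foreach ($inputs as $id) {
        $result[$id] = [
            'buggy' => isAllowedBuggy($id),
            'fixed' => isAllowedFixed($id),
        ];
    }
    return $result;
}

foreach (compareChecks() as $id => $verdict) {
    printf(
        "%-20s buggy=%s fixed=%s\n",
        (string) $id,
        $verdict['buggy'] ? 'allowed' : 'denied',
        $verdict['fixed'] ? 'allowed' : 'denied'
    );
}
```

When reviewing PHP code for this class of defect, look for array_search() results used directly in a boolean context or compared with == rather than === / !== false, and for calls that omit the strict flag; in_array($value, $list, true) is the clearer idiom when only membership matters. Running the block shows MERCHANT-BLOCKED-A accepted by the buggy check and denied by the fixed one.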
Potential Impact
For European organizations, especially e-commerce businesses using PrestaShop with the ps_checkout module, this vulnerability poses a risk of financial fraud through merchant account hijacking. An attacker with backoffice access could redirect payments or manipulate transaction data, leading to direct financial losses and reputational damage. Given the widespread use of PrestaShop in Europe, particularly among small and medium-sized enterprises (SMEs) in countries with strong e-commerce sectors like Germany, France, Spain, and Italy, the impact could be significant if exploited. The vulnerability does not affect availability, so operational disruption is unlikely, but the breach of payment integrity could lead to regulatory scrutiny under GDPR due to potential unauthorized access to payment-related personal data. The requirement for high privileges limits the threat to insiders or attackers who have already compromised administrative credentials, emphasizing the importance of strong access controls and monitoring.
Mitigation Recommendations
European organizations should immediately verify their ps_checkout module version and upgrade to version 4.4.1 or 5.0.5 or later to remediate the vulnerability. Since no workarounds exist, patching is the only effective mitigation. Additionally, organizations should enforce strict access controls on backoffice accounts, including multi-factor authentication (MFA) for administrative users, to reduce the risk of credential compromise. Regular auditing and monitoring of backoffice activities can help detect unauthorized changes to payment configurations. Implementing role-based access control (RBAC) to limit the number of users with merchant account modification privileges is advisable. Organizations should also review logs for suspicious activity related to payment settings and consider isolating payment configuration functions to minimize exposure. Finally, educating staff about phishing and credential security can reduce the risk of initial compromise.
Affected Countries
Germany, France, Spain, Italy, United Kingdom, Netherlands, Belgium, Poland, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-10-03T22:21:59.615Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68f12ee39f8a5dbaeaee6015
Added to database: 10/16/2025, 5:44:03 PM
Last enriched: 10/16/2025, 5:59:32 PM
Last updated: 10/19/2025, 10:45:30 AM