CVE-2025-62945: Cross-Site Request Forgery (CSRF) in Eduard Pinuaga Linares Did Prestashop Display
Cross-Site Request Forgery (CSRF) vulnerability in Eduard Pinuaga Linares Did Prestashop Display did-prestashop-display allows Stored XSS. This issue affects Did Prestashop Display: from n/a through <= 1.0.30.
AI Analysis
Technical Summary
CVE-2025-62945 identifies a security vulnerability in the Did Prestashop Display plugin, a component used within the Prestashop e-commerce platform. The vulnerability is a Cross-Site Request Forgery (CSRF) flaw that allows attackers to trick authenticated users into submitting unwanted requests to the web application. This CSRF vulnerability is particularly dangerous because it enables Stored Cross-Site Scripting (XSS) attacks, where malicious scripts are permanently stored on the server and executed in the context of users' browsers. The plugin versions up to and including 1.0.30 are affected, with no specific version exclusions noted. The attack vector requires the victim to be logged into the Prestashop backend or frontend where the plugin operates, and to visit a malicious site or click a crafted link. Once exploited, the attacker can inject persistent malicious scripts that can steal session cookies, manipulate content, or perform unauthorized actions. The lack of an assigned CVSS score suggests the vulnerability is newly disclosed, but the combination of CSRF and Stored XSS significantly elevates the risk. No patches or official fixes have been released yet, and no active exploitation has been reported. The vulnerability was reserved and published in late October 2025 by Patchstack, indicating credible discovery and disclosure. This vulnerability highlights the importance of secure coding practices in third-party plugins and the need for robust CSRF tokens and input validation mechanisms in e-commerce platforms.
Potential Impact
For European organizations, especially those operating e-commerce websites using Prestashop with the Did Prestashop Display plugin, this vulnerability poses a significant risk. Exploitation could lead to unauthorized actions performed with the privileges of authenticated users, including administrators, potentially resulting in data theft, unauthorized changes to product listings or pricing, and compromise of customer data. The Stored XSS component can facilitate session hijacking, enabling attackers to impersonate users or administrators, leading to further breaches or fraudulent transactions. This could damage brand reputation, cause financial losses, and lead to regulatory non-compliance under GDPR due to data breaches. The attack requires user interaction and authentication, which somewhat limits the attack surface, but the widespread use of Prestashop in European e-commerce means many organizations could be affected. The absence of patches increases exposure time, and the lack of known exploits does not preclude future active exploitation. Overall, the vulnerability threatens confidentiality, integrity, and availability of affected systems and data.
Mitigation Recommendations
European organizations should immediately audit their Prestashop installations to identify the presence of the Did Prestashop Display plugin and its version. If the plugin is in use and unpatched, consider disabling or uninstalling it until a secure update is available. Implement strict CSRF protections by ensuring all state-changing requests require unique, unpredictable CSRF tokens verified server-side. Review and enhance input validation and output encoding to prevent Stored XSS, including sanitizing all user-supplied data before storage and display. Monitor web server logs and application behavior for suspicious activities indicative of exploitation attempts. Educate users and administrators about phishing and social engineering risks that could facilitate CSRF attacks. Stay informed on vendor advisories and apply patches promptly once released. Additionally, consider deploying Web Application Firewalls (WAFs) with rules to detect and block CSRF and XSS attack patterns. Conduct regular security assessments and penetration testing focusing on third-party plugins and extensions.
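The two controls recommended above, a server-side CSRF token on every state-changing request and output encoding of stored values, as an added PHP example. This is illustration code written for this page, not code from the Did Prestashop Display plugin or from PrestaShop; the handler, the `display_text` setting and the session field names are hypothetical, and a real module should use the framework's own token facilities rather than a hand-rolled one.

```php
<?php
// Added example (not the plugin's or PrestaShop's code): a minimal state-changing
// handler that (1) rejects requests without a valid per-session CSRF token and
// (2) HTML-encodes the stored value every time it is rendered, so a value saved
// through a forged request cannot execute as script in other users' browsers.
declare(strict_types=1);

session_start();

// Create or reuse an unpredictable per-session token (32 random bytes, hex-encoded).
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Verify a submitted token in constant time. Missing, non-string, or
// mismatched tokens all fail; hash_equals avoids timing side channels.
function csrf_token_is_valid($submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    if ($expected === '' || !is_string($submitted)) {
        return false;
    }
    return hash_equals($expected, $submitted);
}

// Encode user-supplied text for an HTML context (attribute values and body).
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hypothetical "save display text" setting, the kind of stored value a CSRF-to-Stored-XSS
// chain would target. Only POST changes state, and only with a valid token.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_token_is_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token');
    }
    $incoming = $_POST['display_text'] ?? null;
    // Store the raw string (not an array); encoding is applied at output time, not storage time.
    $_SESSION['display_text'] = is_string($incoming) ? $incoming : '';
}

$token  = csrf_token();
$stored = $_SESSION['display_text'] ?? '';
?>
<form method="post" action="">
    <input type="hidden" name="csrf_token" value="<?= html_escape($token) ?>">
    <input type="text" name="display_text" value="<?= html_escape($stored) ?>">
    <button type="submit">Save</button>
</form>
<p>Current display text: <?= html_escape($stored) ?></p>
```

A cross-site form post from another origin cannot read the victim's session token, so the request fails at the 403 check before any state changes; setting the session cookie with the `SameSite` attribute adds a second, browser-enforced layer. Encoding at render time rather than at save time means a value that was stored before the fix, or written through another path, is still neutralised when displayed.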
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: Patchstack
- Date Reserved: 2025-10-24T14:24:48.654Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68fed03323a7bbed324acc48
Added to database: 10/27/2025, 1:51:47 AM
Last enriched: 10/27/2025, 2:24:14 AM
Last updated: 10/30/2025, 2:51:34 PM