CVE-2025-62945 is a Cross-Site Request Forgery (CSRF) vulnerability identified in the Did Prestashop Display plugin developed by Eduard Pinuaga Linares, affecting all versions up to and including 1.0.30. The vulnerability enables an attacker to craft malicious requests that, when executed by an authenticated user, cause the application to perform unintended actions without the user's consent. This CSRF flaw facilitates stored Cross-Site Scripting (XSS) attacks, where malicious scripts are injected and persist within the application, potentially affecting all users who access the compromised content. The vulnerability is remotely exploitable over the network (AV:N), requires low attack complexity (AC:L), no privileges (PR:N), but does require user interaction (UI:R). The scope is unchanged (S:U), but the impact is severe across confidentiality, integrity, and availability (C:H/I:H/A:H), as indicated by the CVSS 3.1 base score of 8.8. This means that an attacker can steal sensitive data, manipulate or corrupt data, and disrupt service availability. The plugin is commonly used in Prestashop e-commerce platforms, which are widely deployed in Europe. No patches or mitigations have been officially released at the time of publication, and no known exploits are reported in the wild. The vulnerability was reserved and published in late October 2025 by Patchstack, highlighting the need for immediate security measures.

For European organizations, particularly those operating e-commerce platforms using Prestashop with the Did Prestashop Display plugin, this vulnerability poses a significant risk. Exploitation can lead to unauthorized actions performed on behalf of legitimate users, resulting in stored XSS that can compromise customer data, session tokens, and administrative credentials. This can lead to data breaches, financial fraud, reputational damage, and regulatory non-compliance under GDPR. The high impact on confidentiality, integrity, and availability means attackers could deface websites, manipulate product listings or prices, and disrupt sales operations. Given the widespread use of Prestashop in countries like France, Spain, Germany, and Italy, the threat could affect a large number of online retailers. The lack of patches increases the window of exposure, and attackers may develop exploits rapidly once details become public. Additionally, the requirement for user interaction means phishing or social engineering campaigns could be used to trigger the exploit, increasing the attack surface.

1. Immediately disable or uninstall the Did Prestashop Display plugin until a security patch is released. 2. If disabling is not feasible, restrict access to the plugin's functionality by IP whitelisting or network segmentation to limit exposure. 3. Implement strict Content Security Policy (CSP) headers to mitigate the impact of stored XSS payloads. 4. Educate users and administrators about phishing risks to reduce the likelihood of user interaction triggering CSRF attacks. 5. Monitor web server and application logs for unusual POST requests or suspicious activity targeting the plugin endpoints. 6. Apply Web Application Firewall (WAF) rules to detect and block CSRF and XSS attack patterns related to this vulnerability. 7. Regularly update Prestashop core and other plugins to minimize the attack surface. 8. Prepare for rapid deployment of patches once available by maintaining an up-to-date inventory of affected systems. 9. Conduct security audits and penetration testing focused on CSRF and XSS vectors in the e-commerce environment.