Prestashop Productcomments — known CVE vulnerabilities
Every CVE whose affected-product data names Prestashop Productcomments, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-26248 — CVSS 6.8 (medium): In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the…
CVE-2022-35933 — CVSS 6.1 (medium): This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could…