CVE-2023-27032

Name of the Vulnerable Software and Affected Versions Prestashop advancedpopupcreator versions 1.1.21 through 1.1.24

Description The issue is related to a SQL injection vulnerability. It affects the component AdvancedPopup::getPopups().

Recommendations For versions 1.1.21 through 1.1.24, consider disabling the AdvancedPopup::getPopups() function until a patch is available. Restrict access to the AdvancedPopup component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.