CVE-2023-33663

Name of the Vulnerable Software and Affected Versions PrestaShop module "Customization fields fee for your store" (aicustomfee) versions up to 0.2.0

Description An issue in the "Customization fields fee for your store" module allows an attacker to perform SQL injection. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the possibility of SQL injection, but specific API endpoints, vulnerable parameters, or function names are not mentioned.

Recommendations For versions up to 0.2.0, update to release 0.2.1 to fix the security issue. As a temporary workaround, consider restricting access to the module until the update is applied.