VYPR
Vendor

Buy Addons

Products
7
CVEs
5
Across products
6
Status
Private

Products

7

Recent CVEs

5
  • CVE-2024-34988CriJun 24, 2024
    risk 0.64cvss 9.8epss 0.00

    SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro" (askforaquotemodul) <= 1.0.51 from Buy Addons for PrestaShop allows attackers to view sensitive information and cause other impacts via methods…

  • CVE-2024-25843CriFeb 27, 2024
    risk 0.64cvss 9.8epss 0.01

    In the module "Import/Update Bulk Product from any Csv/Excel File Pro" (ba_importer) up to version 1.1.28 from Buy Addons for PrestaShop, a guest can perform SQL injection in affected versions.

  • CVE-2023-50027CriJan 5, 2024
    risk 0.64cvss 9.8epss 0.01

    SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run() method.

  • CVE-2023-48925CriDec 14, 2023
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run().

  • CVE-2024-34993MedJun 19, 2024
    risk 0.41cvss 6.3epss 0.00

    In the module "Bulk Export products to Google Merchant-Google Shopping" (bagoogleshopping) up to version 1.0.26 from Buy Addons for PrestaShop, a guest can perform SQL injection via`GenerateCategories::renderCategories().