CVE-2025-61922

CRITICAL

PrestaShop Checkout 1.3.0-4.4.0 and 5.0.0-5.0.4 - Account Takeover via Express Checkout Email Validation Bypass

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-61922. PoCs published by g0vguy and captaincookie34.

AI-analyzed exploit summary

This PoC exploits CVE-2025-61922, a zero-click account takeover vulnerability in PrestaShop Checkout < 5.0.5. It checks for vulnerability, performs the takeover by sending a crafted JSON payload, and tests the captured session cookies.

Description

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting in version 1.3.0 and prior to versions 4.4.1 and 5.0.5, missing validation on the Express Checkout feature allows silent login, enabling account takeover via email. The vulnerability is fixed in versions 4.4.1 and 5.0.5. No known workarounds exist.

Exploits (2)

nomisec · WORKING POC · 8 stars
by g0vguy · poc
https://github.com/g0vguy/CVE-2025-61922-PoC

Classification: Working PoC (95%)
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: PrestaShop Checkout < 5.0.5
No auth needed
Prerequisites: Target URL · Victim email address
devstral-2 · analyzed Feb 16, 2026
nomisec · STUB
by captaincookie34 · poc
https://github.com/captaincookie34/Vulnerability-Playground-CVE-2025-61922

The repository contains only a README.md file describing a simulated PrestaShop vulnerability without any exploit code or technical details. It lacks actionable PoC or exploit implementation.

Classification: Stub (30%)
Attack Type: Other
Complexity: Theoretical
Reliability: Theoretical
Target: PrestaShop (version unspecified)
No auth needed
Prerequisites: none provided
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 9.1
EPSS: 0.0002
EPSS Percentile: 5.2%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: yes
Technical Impact: total

Details

CWE: CWE-287
Status: published
Products (2):
prestashop/prestashop_checkout 1.3.0 - 7.4.4.1
prestashop/ps_checkout 1.3.0 - 4.4.1 (Packagist)
Published: Oct 16, 2025
Tracked Since: Feb 18, 2026