CVE-2025-51586
unknown
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
โ
Description
Presta Shop vulnerable to email enumeration
Predictions
Exploit likelihood
30%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | prestashop/prestashop | <8.2.3 | 8.2.3 |
References
- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8xx5-h6m3-jr33
- https://nvd.nist.gov/vuln/detail/CVE-2025-51586
- https://github.com/PrestaShop/PrestaShop/commit/c97bdf10f77fedbe5a61a1dec5f96b3abb1d76fb
- https://build.prestashop-project.org/news/2025/prestashop-8-2-3-security-release
- https://github.com/PrestaShop/PrestaShop
- https://github.com/PrestaShop/PrestaShop/releases/tag/8.2.1
- https://github.com/PrestaShop/PrestaShop/releases/tag/8.2.3
- https://maxime-morel.github.io/advisories/2025/CVE-2025-51586.md
- https://prestashop.com
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.