Recently, cases of infected e-shops on the Prestashop platform have been spreading, caused by a vulnerability that allows SQL injection and potentially stealing of customer’s payment information.
The problem concerns Prestashop versions 220.127.116.11 and higher, where hackers found new vulnerability related to SQL injection. Version 18.104.22.168 a higher, are not vulnerable, unless they have modules that have security issues with SQL injection. From default Prestashop modules, the problem is related to Wishlist module (blockwishlist), versions 2.0.0 - 2.1.0.
Prestashop is working on the problem and release temporary fix that may help to increase security. Find more information here. You can also contact us if you need to upgrade your eshop or help with security.