CVE-2024-25843

In the module "Import/Update Bulk Product from any Csv/Excel File Pro" (ba_importer) up to version 1.1.28 from Buy Addons for PrestaShop, a guest can perform SQL injection in affected versions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt