Prestashop logo, Visit home page
  • Help Center
  • Report a security vulnerability

Report a security vulnerability

PrestaShop Marketplace customers' security is a priority for PrestaShop. Despite our controls, some modules or themes may contain security vulnerabilities. This form allows you to report any security vulnerabilities you might have identified, using the "technical name".

Some principles

  • Any vulnerability reported must be detailed (as clearly as possible to help us identify it) and reproducible.
  • Any vulnerability reported is investigated by both PrestaShop and the module / theme vendor.
  • Any vulnerability proven must be fixed by the module / theme vendor.

In order to encourage customers to upgrade, PrestaShop shares the modules / themes that have been under vulnerability fix(es). Learn more on development best practices and implemented controls: https://devdocs.prestashop-project.org

Important

This form only regards security vulnerability reports for the PrestaShop Marketplace modules & themes.

This form doesn't regard security vulnerability reports for the OpenSource PrestaShop Core, a dedicated Bug Bounty with YesWeHack is available.

Fields marked with an asterisk (*) are required.

The technical name is the name of the module or theme folder. It is also defined in the class of the module ($this->name).

Accepted formats: .pdf, .jpg, .png, .doc, .txt.
Each file must be 2 Mo or less.

By submitting this form, you agree that your personal data may be used by PrestaShop S.A. to process your vulnerability report. Learn more about your data management and your rights.

Customer service

+44 2 036 971 999

Monday to Saturday9 AM - 8 PM(UTC+1)