PT-2026-8068

The Payment Page | Payment Form for Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pricing plan select text font family' parameter in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for...

Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection

Stripe Payment Plugin for WooCommerce for WordPress versions up to 3.7.9 contains a sqlinjection caused by insufficient escaping and lack of preparation on 'id' parameter, letting unauthenticated attackers execute arbitrary SQL queries, exploit requires sending crafted 'id' parameter. id:...

EUVD-2023-53932

Malicious code in bioql PyPI...

CVE-2023-4040

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ehcallbackhandler function in versions up to, and including, 3.7.9. This makes it possible for unauthenticated attackers to modify the order...

CVE-2023-3162

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to...

CVE-2024-0705

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

Sql injection

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2024-0705

The Stripe Payment Plugin for WooCommerce (WordPress) is vulnerable to SQL Injection via the 'id' parameter in all versions up to 3.7.9 due to insufficient escaping and improper query preparation. Unauthenticated attackers can append additional SQL to extract sensitive data. A fix is available in...

CVE-2024-0705 Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2024-0705 Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

WordPress Plugin Stripe Payment Plugin for WooCommerce Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-15766

Name of the Vulnerable Software and Affected Versions The Stripe Payment Plugin for WooCommerce plugin for WordPress versions up to, and including, 3.7.9 Description The issue is related to SQL Injection via the id parameter due to insufficient escaping on the user-supplied parameter and lack of...

Authentication flaw

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to...

WordPress plugin Stripe Payment Plugin for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-23402 · Woocommerce · Stripe Payment Plugin For Woocommerce

Name of the Vulnerable Software and Affected Versions: Stripe Payment Plugin for WooCommerce versions up to, and including, 3.7.7 Description: The issue is related to authentication bypass due to insufficient verification of the user being supplied during a Stripe checkout through the plugin. Thi...