Lucene search
K

14 matches found

NVD
NVD
added 2026/06/16 10:16 a.m.11 views

CVE-2026-2381

The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxpayfororder function in all versions up to, and including, 10.7.0 This is due to a missing order ownership or orderkey verification when...

6.5CVSS0.00267EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 9:31 a.m.8 views

EUVD-2026-37059

The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxpayfororder function in all versions up to, and including, 10.7.0 This is due to a missing order ownership or orderkey verification when...

6.5CVSS5.3AI score0.00267EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/16 9:31 a.m.34 views

CVE-2026-2381 WooCommerce Stripe Payment Gateway <= 10.7.0 - Missing Authorization to Unauthenticated Order Status Manipulation via 'order' Parameter

The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxpayfororder function in all versions up to, and including, 10.7.0 This is due to a missing order ownership or orderkey verification when...

6.5CVSS0.00267EPSS
Exploits0References6
NVD
NVD
added 2024/06/19 1:15 p.m.18 views

CVE-2023-35049

Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0...

9.8CVSS0.00614EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/06/19 12:0 a.m.3 views

WordPress plugin WooCommerce Stripe Payment Gateway security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.8AI score0.00614EPSS
Exploits1References2
OSV
OSV
added 2024/03/27 2:15 p.m.4 views

CVE-2023-44999

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0...

8.8CVSS7.3AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 1:27 p.m.112 views

CVE-2023-44999

CVE-2023-44999 is a CSRF vulnerability in the WooCommerce Stripe Payment Gateway plugin for WordPress, affecting versions up to 7.6.0. The issue allows an attacker to perform unintended actions by forging requests, with unauthenticated exploitation possible, per Patchstack and Wordfence reference...

8.8CVSS8.6AI score0.00221EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/01/05 8:15 a.m.11 views

CVE-2023-51502

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...

9.8CVSS8.1AI score0.00599EPSS
Exploits0References1
OSV
OSV
added 2024/01/05 8:15 a.m.2 views

CVE-2023-51502

Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...

9.8CVSS7.3AI score0.00599EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/05 12:0 a.m.6 views

WordPress Plugin WooCommerce Stripe Payment Gateway Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

9.8CVSS6.5AI score0.00599EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/06/14 8:33 a.m.7 views

Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin

A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. The flaw, tracked as CVE-2023-34000 , impacts versions 7.4.0 and below. It was addressed by the plugin maintainers in version 7.4.1, which...

7.5CVSS6AI score0.01214EPSS
Exploits2
OSV
OSV
added 2023/06/14 8:15 a.m.3 views

CVE-2023-34000

Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin = 7.4.0 versions...

7.5CVSS7.4AI score0.01214EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.7 views

PT-2023-24621 · WordPress · Woocommerce Stripe Payment Gateway

Name of the Vulnerable Software and Affected Versions: WooCommerce Stripe Payment Gateway plugin versions prior to 7.4.1 Description: A security issue has been identified that could lead to the unauthorized disclosure of sensitive information, specifically a PII disclosure due to an unauthenticat...

7.5CVSS7.7AI score0.01214EPSS
Exploits2References6
Patchstack
Patchstack
added 2019/10/31 12:0 a.m.10 views

WordPress YITH WooCommerce Stripe plugin <=2.0.1 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability

Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Stripe plugin =2.0.1. Solution Update the WordPress YITH WooCommerce Stripe plugin to the latest available version at least 2.0.2...

4.3CVSS2.3AI score0.00948EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder