2 matches found
CVE-2023-4040
The CVE-2023-4040 issue affects the Stripe Payment Plugin for WooCommerce for WordPress. It stems from a missing capability check in the eh_callback_handler function in versions up to and including 3.7.9, enabling unauthenticated attackers to modify the status of arbitrary WooCommerce orders. The...
WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.9 is vulnerable to Broken Access Control
Software Stripe Payment Gateway for WooCommerce Type Plugin Vulnerable versions = 3.7.9 Fixed in 3.8.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4040 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 44ff3f2a12c3 Credits Frances...