Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.6 views

CVE-2026-2890

The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler handleonetimestripelinkreturnurl marking payment records as complete based solely on the Stripe PaymentIntent status...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/13 9:31 p.m.8 views

EUVD-2026-11756

The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler handleonetimestripelinkreturnurl marking payment records as complete based solely on the Stripe PaymentIntent status...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/13 7:23 a.m.4 views

CVE-2026-2890 Formidable Forms <= 6.28 - Missing Authorization to Unauthenticated Payment Integrity Bypass via PaymentIntent Reuse

The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler handleonetimestripelinkreturnurl marking payment records as complete based solely on the Stripe PaymentIntent status...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.4 views

PT-2026-25153

The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler handle one time stripe link return url marking payment records as complete based solely on the Stripe PaymentIntent statu...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References8
Rows per page
Query Builder