Lucene search
K

5 matches found

NVD
NVD
added 2026/06/19 8:16 a.m.15 views

CVE-2026-3640

The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permissioncallback of returntrue, which allows all incoming requests...

5.3CVSS0.00382EPSS
Exploits0References14
ATTACKERKB
ATTACKERKB
added 2026/06/19 6:51 a.m.16 views

CVE-2026-3640

The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permissioncallback of returntrue, which allows all incoming requests...

5.3CVSS5.8AI score0.00382EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/06/19 6:51 a.m.34 views

CVE-2026-3640 STRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API Endpoint

The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permissioncallback of returntrue, which allows all incoming requests...

5.3CVSS0.00382EPSS
Exploits0References14
CVE
CVE
added 2026/06/19 6:51 a.m.17 views

CVE-2026-3640

The STRABL WordPress plugin (versions

5.3CVSS5.8AI score0.00382EPSS
Exploits0References14
Patchstack
Patchstack
added 2026/06/18 5:50 p.m.6 views

WordPress STRABL – A checkout solution plugin <= 4.5 - Unauthenticated Arbitrary Webhook Creation vulnerability

Unauthenticated Arbitrary Webhook Creation vulnerability discovered by Teerachai Somprasong in WordPress Plugin STRABL – A checkout solution versions = 4.5...

5.3CVSS5.3AI score0.00382EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder