35 matches found
CVE-2026-2381
The CVE concerns the WooCommerce Stripe Payment Gateway plugin for WordPress, affected in all versions up to 10.7.0. Root cause: missing capability check and missing order ownership/order_key verification in the wc_stripe_pay_for_order WC‑AJAX endpoint, with only a nonce validation. Impact: unaut...
CVE-2026-45217
CVE-2026-45217 concerns the WordPress Stripe Payment Gateway for WooCommerce plugin (≤ 5.0.7). Connected sources describe a Broken Authentication vulnerability allowing an Authentication Bypass via an alternate path or channel, enabling Password Recovery Exploitation. Affected component is the St...
PT-2026-43147
Name of the Vulnerable Software and Affected Versions Stripe Payment Gateway for WooCommerce versions prior to 5.0.8 Description An authentication bypass using an alternate path or channel exists in the ThemeHigh Stripe Payment Gateway for WooCommerce, which allows for password recovery...
WordPress plugin Stripe Payment Gateway for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2023-56215
Malicious code in bioql PyPI...
EUVD-2023-38124
Malicious code in bioql PyPI...
EUVD-2023-49321
Malicious code in bioql PyPI...
EUVD-2023-39085
Malicious code in bioql PyPI...
CVE-2023-44999
Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0...
CVE-2023-51502
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...
CVE-2023-35049
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0...
CVE-2023-35049
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0...
CVE-2023-35049 WordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerability
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0...
CVE-2023-35049 WordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerability
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0...
CVE-2023-44999
Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0...
CVE-2023-44999
CVE-2023-44999 is a CSRF vulnerability in the WooCommerce Stripe Payment Gateway plugin for WordPress, affecting versions up to 7.6.0. The issue allows an attacker to perform unintended actions by forging requests, with unauthenticated exploitation possible, per Patchstack and Wordfence reference...
WordPress Stripe Payment Gateway for WooCommerce Plugin <= 3.7.9 is vulnerable to SQL Injection
Software Stripe Payment Gateway for WooCommerce Type Plugin Vulnerable versions = 3.7.9 Fixed in 3.8.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0705 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 8c922733cce2 Credits Francesco Carlucci Requir...
CVE-2023-51502
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...
Authorization
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...
CVE-2023-51502 WordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR)
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.1...