CVE-2021-39347
CVE-2021-39347 affects the WordPress Stripe for WooCommerce plugin (versions 3.0.0–3.3.9). The issue is a missing capability check in the save() function of includes/admin/class-wc-stripe-admin-user-edit.php, enabling an attacker to configure a user’s account to use another user’s Stripe identifi...