AI Score
Confidence
High
EPSS
Percentile
53.8%
Description The plugin does not properly check users during the Stripe checkout process, which could allow unauthenticated attackers to log in as any users having placed an order when the Stripe checkout option is enabled
www.wordfence.com/blog/2023/08/webtoffee-addresses-authentication-bypass-vulnerability-in-stripe-payment-plugin-for-woocommerce-wordpress-plugin/