Skip to main content

Stripe Payment Plugin For Woocommerce

3 CVEs product

Monthly

CVE-2024-0705 CRITICAL POC PATCH THREAT Act Now

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

SQLi WordPress Stripe Payment Plugin For Woocommerce
NVD VulDB
CVSS 3.1
9.8
EPSS
19.7%
Threat
4.1
CVE-2023-3162 CRITICAL PATCH Act Now

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass WordPress Stripe Payment Plugin For Woocommerce
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-4040 MEDIUM PATCH This Month

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress Authentication Bypass Stripe Payment Plugin For Woocommerce
NVD
CVSS 3.1
5.3
EPSS
0.4%
EPSS 20% 4.1 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

SQLi WordPress Stripe Payment Plugin For Woocommerce
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass WordPress Stripe Payment Plugin For Woocommerce
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress Authentication Bypass Stripe Payment Plugin For Woocommerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy