Themehigh Payment Gateway Of Stripe For Woocommerce vulnerabilities
2 known vulnerabilities affecting themehigh/payment_gateway_of_stripe_for_woocommerce.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-0705P2HIGHCVSS 7.5PoC≤ 3.7.92024-01-19
CVE-2024-0705 [HIGH] CWE-89 CVE-2024-0705: The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via th
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional
nvd
CVE-2023-3162P2CRITICALCVSS 9.8≤ 3.7.72023-08-31
CVE-2023-3162 [CRITICAL] CWE-288 CVE-2023-3162: The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypas
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically cus
nvd