The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-08-31T05:33:07.144Z
Updated: 2024-08-02T06:48:07.784Z
Reserved: 2023-06-08T12:39:24.512Z
Link: CVE-2023-3162
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-31T06:15:09.737
Modified: 2023-11-07T04:18:04.957
Link: CVE-2023-3162
Redhat
No data.