Lucene search
PatchstackCVE-2023-35049HistoryJun 19, 2024 - 1:15 p.m.
CVE-2023-35049
2024-06-1913:15:52
CWE-862
Patchstack
web.nvd.nist.gov
56
organization
individual
nvd
candidate reserved
security problem
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
9.0%
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0.
Affected configurations
Node
woocommercestripe_payment_gatewayRange≤7.4.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| woocommerce | stripe_payment_gateway | * | cpe:2.3:a:woocommerce:stripe_payment_gateway:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-gateway-stripe",
"product": "WooCommerce Stripe Payment Gateway",
"vendor": "WooCommerce",
"versions": [
{
"changes": [
{
"at": "7.4.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpexploit
wpexploit
WooCommerce Stripe Payment Gateway < 7.4.1 - Subscriber+ Order Intent Update
2023-06-26 00:00:00
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2023-35049
2024-06-19 13:15:52
wpvulndb
wpvulndb
WooCommerce Stripe Payment Gateway < 7.4.1 - Subscriber+ Order Intent Update
2023-06-26 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
9.0%
Related for CVE-2023-35049