Lucene search
PatchstackCVELIST:CVE-2023-35049HistoryJun 19, 2024 - 12:26 p.m.
CVE-2023-35049 WordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerability
2024-06-1912:26:52
CWE-862
Patchstack
www.cve.org
7
wordpress
woocommerce
stripe payment gateway
unauthenticated access control
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
9.0%
Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-gateway-stripe",
"product": "WooCommerce Stripe Payment Gateway",
"vendor": "WooCommerce",
"versions": [
{
"changes": [
{
"at": "7.4.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "7.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpexploit
wpexploit
WooCommerce Stripe Payment Gateway < 7.4.1 - Subscriber+ Order Intent Update
2023-06-26 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-35049
2024-06-19 13:15:52
nvd
nvd
CVE-2023-35049
2024-06-19 13:15:52
wpvulndb
wpvulndb
WooCommerce Stripe Payment Gateway < 7.4.1 - Subscriber+ Order Intent Update
2023-06-26 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2023-35049