Vulnerabilities > Paymentplugins > Stripe FOR Woocommerce > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-04 | CVE-2021-39347 | Missing Authorization vulnerability in Paymentplugins Stripe for Woocommerce The Stripe for WooCommerce WordPress plugin is missing a capability check on the save() function found in the ~/includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE identifier and make purchases with their payment accounts. | 4.0 |