| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-46088 | WordPress WP Full Stripe Free Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) | Mammothology | WP Full Stripe Free | Medium | 5.9 | 2023-10-26 12:23:26 | Deep Dive |
| CVE-2023-3162 | Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass | themehigh | Payment Gateway of Stripe for WooCommerce | Critical | 9.8 | 2023-08-31 05:33:07 | Deep Dive |
| CVE-2023-4040 | WordPress plugin Stripe Payment Plugin for WooCommerce 安全漏洞 | webtoffee | Stripe Payment Plugin for WooCommerce | Medium | 5.3 | 2023-08-18 06:46:51 | Deep Dive |
| CVE-2023-28934 | WordPress WP Full Stripe Free Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) | Mammothology | WP Full Stripe Free | Medium | 5.9 | 2023-08-08 12:25:45 | Deep Dive |
| CVE-2023-24405 | WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF) | Scott Paterson | Contact Form 7 – PayPal & Stripe Add-on | Medium | 5.4 | 2023-07-10 11:58:09 | Deep Dive |
| CVE-2023-34000 | WordPress WooCommerce Stripe Payment Gateway Plugin <= 7.4.0 is vulnerable to Insecure Direct Object References (IDOR) | WooCommerce | WooCommerce Stripe Payment Gateway | High | 7.5 | 2023-06-14 07:30:11 | Deep Dive |
| CVE-2023-2407 | Event Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.10.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | vcita | Event Registration Calendar By vcita | Medium | 6.1 | 2023-06-03 04:35:13 | Deep Dive |
| CVE-2023-2406 | Event Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | vcita | Event Registration Calendar By vcita | Medium | 6.4 | 2023-06-03 04:35:13 | Deep Dive |
| CVE-2022-47422 | WordPress WordPress Stripe Donation and Payment Plugin Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF) | HM Plugin | Accept Stripe Donation – AidWP | Medium | 4.3 | 2023-03-14 08:47:08 | Deep Dive |
| CVE-2023-23865 | WordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF) | Checkout Plugins | Stripe Payments For WooCommerce by Checkout Plugins | Medium | 4.3 | 2023-02-28 14:45:53 | Deep Dive |
| CVE-2022-3986 | WP Stripe Checkout < 1.2.2.21 - Contributor+ Stored XSS | Unknown | WP Stripe Checkout | 中危 | - | 2022-12-19 13:41:39 | Deep Dive |
| CVE-2022-2194 | Accept Stripe Payments < 2.0.64 - Admin+ Stored Cross-Site Scripting | Unknown | Accept Stripe Payments | 中危 | - | 2022-07-17 10:37:22 | Deep Dive |
| CVE-2022-1610 | Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF | Unknown | Seamless Donations: A Platform for Global Fundraising and Rebuilding using Stripe and PayPal | 中危 | - | 2022-06-20 10:25:53 | Deep Dive |
| CVE-2022-29188 | Smokescreen SSRF via deny list bypass (square brackets) in Smokescreen | stripe | smokescreen | Medium | 5.3 | 2022-05-20 23:50:10 | Deep Dive |
| CVE-2022-24825 | Smokescreen SSRF via deny list bypass | stripe | smokescreen | Medium | 5.8 | 2022-04-19 19:45:12 | Deep Dive |
| CVE-2022-24753 | Code injection in Stripe CLI on windows | stripe | stripe-cli | High | 7.7 | 2022-03-09 22:35:09 | Deep Dive |
| CVE-2021-39347 | Stripe for WooCommerce 3.0.0 - 3.3.9 Missing Authorization Controls to Financial Account Hijacking | Stripe for WooCommerce | Stripe for WooCommerce | Medium | 4.3 | 2021-10-04 17:21:49 | Deep Dive |
| CVE-2021-21420 | Vulnerability in Stripe for Visual Studio Code < 1.7.3 | stripe | vscode-stripe | High | 7.5 | 2021-04-01 21:40:10 | Deep Dive |