VYPR
Vendor

Stripe For Woocommerce

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2024-6353HigJul 12, 2024
    risk 0.50cvss 8.8epss 0.01

    The Wallet for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'search[value]' parameter in all versions up to, and including, 1.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. …

  • CVE-2024-9212MedMar 1, 2025
    risk 0.33cvss 6.1epss 0.00

    The SKU Generator for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to…

  • CVE-2024-12220MedDec 17, 2024
    risk 0.33cvss 6.1epss 0.00

    The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web…

  • CVE-2024-7747Nov 28, 2024
    risk 0.00cvss epss 0.00

    The Wallet for WooCommerce plugin for WordPress is vulnerable to incorrect conversion between numeric types in all versions up to, and including, 1.5.6. This is due to a numerical logic flaw when transferring funds to another user. This makes it possible for authenticated…

  • CVE-2021-39347Oct 4, 2021
    risk 0.00cvss epss 0.01

    The Stripe for WooCommerce WordPress plugin is missing a capability check on the save() function found in the ~/includes/admin/class-wc-stripe-admin-user-edit.php file that makes it possible for attackers to configure their account to use other site users unique STRIPE…