Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Data | allinfosecnews.com

June 15, 2023, 5:29 a.m. | Guru

Cyber Security News cybersecuritynews.com

The WordPress Stripe Payment Gateway plugin has been vulnerable to Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability. WooCommerce developed this plugin. The plugin version is 7.4.1 and has nearly 900K installations worldwide. Usually, payments are redirected to externally hosted checkout pages where the checkout and payment process happens. The use of this plugin is to […]

The post Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Data appeared first on Cyber Security News.

critical critical vulnerability customer customer data data gateway idor insecure object payment payments plugin process reference stripe version vulnerability vulnerable woocommerce wordpress

More from cybersecuritynews.com / Cyber Security News

LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 46 minutes ago | cybersecuritynews.com

browser browser security capital dell +24

Path Traversal Vulnerability In Popular Android Apps Let Attackers Overwrite Files an hour ago | cybersecuritynews.com

aim android android apps android security +26

ArcaneDoor Hackers Who Exploited Cisco Firewall Zero-Days Linked To China an hour ago | cybersecuritynews.com

access actor arcanedoor attacks +36

CISA Warns Of Hackers Actively Attacking GitLab Password Reset Vulnerability an hour ago | cybersecuritynews.com

access access control agency alert +28

NCSC Warns of Russian Hackers Attacking Critical National Infrastructure 2 hours ago | cybersecuritynews.com

alignment critical critical national infrastructure cyber +19

New macOS Adload Malware Bypasses Built-in macOS Antivirus Detection 5 hours ago | cybersecuritynews.com

adload antivirus apple authors +13

World Password Day 2024: Create Strong Passwords & Stay Safe Online 8 hours ago | cybersecuritynews.com

accounts cyber cyber security cyber threats +20

Beware! Threat Actors Selling RDP Access on Hacker Forums 8 hours ago | cybersecuritynews.com

access alert communities critical +28

Critical MailCleaner Vulnerabilities Let Attackers Execute arbitrary command 9 hours ago | cybersecuritynews.com

administrator attacker attackers command +17

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati

View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478

View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom

View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA

View on infosec-jobs.com