Stripe

  • Blog
    digitpatroxDecember 11, 2024
    124

    WPForms bug allows Stripe refunds on millions of WordPress sites

    A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. Tracked under CVE-2024-11205, the flaw was categorized as a high-severity problem due to the authentication prerequisite. However, given that membership systems are available on most sites, exploitation may be fairly easy in most cases. The…

    Read More »
Back to top button
close