PT-2026-43147 · Themehigh · Woocommerce Stripe Payment Gateway
Jakub Herman
·
Published
2026-05-25
·
Updated
2026-05-26
·
CVE-2026-45217
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Stripe Payment Gateway for WooCommerce versions prior to 5.0.8
Description
An authentication bypass using an alternate path or channel exists in the ThemeHigh Stripe Payment Gateway for WooCommerce, which allows for password recovery exploitation.
Recommendations
Update to a version newer than 5.0.7.
Fix
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Woocommerce Stripe Payment Gateway