Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WP Full Stripe Free 1.6.1

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 5, 2023

The WP Full Stripe Free plugin for WordPress is vulnerable to malicious code being inserted into certain pages. This code can be used to harm people who visit the website, if certain conditions are met. The vulnerable versions are up to and including 1.6.1. In order to be vulnerable, the website must be a multi-site installation, or have a certain kind of security feature disabled. Administrators with access to the website should update the plugin to a non-vulnerable version to protect their users.

Detected in:

Accept Payments with Stripe – WP Full Pay for WordPress fixed vulnerable versions:
Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions fixed vulnerable versions:
Stripe Payment forms for WordPress – WP Full Pay fixed vulnerable versions:
Stripe Payment forms for WordPress Plugin – WP Full Pay fixed vulnerable versions:
WP Full Stripe fixed vulnerable versions:
WP Full Stripe Free fixed vulnerable versions: >= * <= 7.0.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.