Stripe Payment Plugin Unauthorised Sqli CVE-2024-0705 Exploit - System32

svg

svg

svg

Now Reading: Stripe Payment Plugin Unauthorised Sqli CVE-2024-0705 Exploit

Loading

Loading

Payment Element.750bc8af6d17414b54dc09ae8acb8efb

Exploits And POCs Tools

January 23, 2024 / Prapattimynk

Stripe Payment Plugin Unauthorised Sqli CVE-2024-0705 Exploit

29

Share

Ads

Description

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Upvote0PointsDownvote

0 People voted this article. 0 Upvotes - 0 Downvotes.

Prev Post

Tenable Core + Web Application Scanning (OL8) Free

Next Post

GoAnywhere MFT Authentication Bypass CVE-2024-0204 Exploit

What do you think?

It is nice to know your opinion. Leave a comment.

Leave a reply Cancel reply

Subscribe & Follow

Popular Posts

01

Craxs Rat V6.7 Working Free Download

September 14, 2023

02

FHR Electric Data Leak

July 8, 2023

03

Postfix SMTP Smuggling CVE-2023-51764 Exploit

December 27, 2023

04

WSPCoerce - PoC to coerce authentication from Windows hosts using MS-WSP

July 28, 2023

05

CVE-2023-20110 Exploit | Cisco Smart Software Manager On-Prem SQL Injection

July 16, 2023

Categories

Cyber sec44
Database123
Exploits And POCs213
Malicious Scripts139
Tools137
Malwares54
Softwares36

Loading

svg

Quick Navigation

1
Stripe Payment Plugin Unauthorised Sqli CVE-2024-0705 Exploit