Vulnerability In WooCommerce Stripe Payment Gateway Plugin Affects 900,000+ Websites

Vulnerability allows hackers to steal sensitive customer information from websites using popular WooCommerce payment plugin

The WooCommerce Stripe payment gateway plugin was discovered to have a vulnerability that allows an attacker to steal customer personally identifiable information (PII) from stores using the plugin.

[{"selector":"#anim-10fabb9c-2f18-42b9-aa6f-43b27aafa478","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

Security researchers warn that hackers do not need authentication to pull off the exploit, which received a rating of high, 7.5 on a scale of 1 – 10.

[{"selector":"#anim-935b0934-1039-4a6e-b8b6-83ca91f03312","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

The Stripe payment gateway plugin, developed by WooCommerce, Automattic, WooThemes and other contributors, is installed in over 900,000 websites.

[{"selector":"#anim-30b433b3-ce74-44b2-86b5-e715e1deb0b7","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}] [{"selector":"#anim-83466bb5-838c-40ac-aa3f-736390a154f5","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

It offers an easy way for customers at WooCommerce stores to checkout, with a number of different credit cards and without having to open an account.

[{"selector":"#anim-4c5da287-e4da-4a1d-ac4e-565b8c7e7b6c","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

A Stripe account is automatically created at checkout, providing customers with a frictionless ecommerce shopping experience.

[{"selector":"#anim-6f9bff64-7b39-4b21-bced-8ea806b8e5dd","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

The plugin works through an application programming interface (API ). An API is like a bridge between two software that allows the WooCommerce store to interact with the Stripe software to process orders from the website to Stripe seamlessly.

[{"selector":"#anim-d0bd5126-3076-43fd-8ca3-7cbedde37264","keyframes":{"transform":["rotate(-540deg) scale(0.1)","none"],"opacity":[0,1]},"delay":0,"duration":1000,"fill":"both","iterations":1}]

Vulnerability allows hackers to steal sensitive customer information from websites using popular WooCommerce payment plugin

Vulnerability In WooCommerce Stripe Payment Gateway Plugin Affects 900,000+ Websites

Brought to you by Trickyenough

The WooCommerce Stripe payment gateway plugin was discovered to have a vulnerability that allows an attacker to steal customer personally identifiable information (PII) from stores using the plugin.

Brought to you by Trickyenough

Security researchers warn that hackers do not need authentication to pull off the exploit, which received a rating of high, 7.5 on a scale of 1 – 10.

Brought to you by Trickyenough

The Stripe payment gateway plugin, developed by WooCommerce, Automattic, WooThemes and other contributors, is installed in over 900,000 websites.

WooCommerce Stripe Payment Gateway Plugin

Brought to you by Trickyenough

It offers an easy way for customers at WooCommerce stores to checkout, with a number of different credit cards and without having to open an account.

Brought to you by Trickyenough

A Stripe account is automatically created at checkout, providing customers with a frictionless ecommerce shopping experience.

Brought to you by Trickyenough

The plugin works through an application programming interface (API ). An API is like a bridge between two software that allows the WooCommerce store to interact with the Stripe software to process orders from the website to Stripe seamlessly.

Brought to you by Trickyenough