CVE-2026-5234 | LatePoint Plugin up to 5.3.2 on WordPress Error Message create_payment_intent_for_transaction transaction_intent_key authorization

A vulnerability was found in LatePoint Plugin up to 5.3.2 on WordPress and classified as critical. This vulnerability affects the function OsStripeConnectController::create_payment_intent_for_transaction of the component Error Message Handler. Such manipulation of the argument transaction_intent_key leads to authorization bypass.

This vulnerability is listed as CVE-2026-5234. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More