CVE-2026-2381 | WooCommerce Stripe Payment Gateway Plugin up to 10.7.0 on WordPress AJAX Endpoint ajax_pay_for_order authorization

SecurityVulns

A vulnerability marked as critical has been reported in WooCommerce Stripe Payment Gateway Plugin up to 10.7.0 on WordPress. This affects the function ajax_pay_for_order of the component AJAX Endpoint. This manipulation causes missing authorization.

This vulnerability appears as CVE-2026-2381. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More