CVE-2026-45217

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7.

medium 6.5 CVSS 3.1

Published: May 25, 2026

Modified: May 26, 2026

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation.

This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7.

References

https://patchstack.com/database/wordpress/plugin/payment-gateway-stripe-and-woocommerce-integration/vulnerability/wordpress-stripe-payment-gateway-for-woocommerce-plugin-5-0-7-broken-authentication-vulnerability?_s_id=cve

Version	3.1
Score	6.5 / 10
Severity	medium