CVE-2026-45217: WordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerability
Published May 25, 2026
·Updated
Authentication Bypass Using an Alternate Path or Channel vulnerability in ThemeHigh Stripe Payment Gateway for WooCommerce allows Password Recovery Exploitation. This issue affects Stripe Payment Gateway for WooCommerce: from n/a through 5.0.7.
Affected Software
1 affected component
wordpress/themehigh/stripe-payment-gateway-for-woocommerce<=5.0.7
Remediation
Information
Update the WordPress Stripe Payment Gateway for WooCommerce Plugin to the latest available version (at least 5.0.8).
Event History
May 25, 2026
CVE Published
via MITRE·10:29 PM
Data Sourced
via MITRE·10:29 PM
RemedyDescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2026-45217?
The severity of CVE-2026-45217 is medium with a CVSS score of 6.5.
2
How do I fix CVE-2026-45217?
To fix CVE-2026-45217, update the WordPress Stripe Payment Gateway for WooCommerce plugin to version 5.0.8 or later.
3
What type of vulnerability is CVE-2026-45217?
CVE-2026-45217 is a Broken Authentication vulnerability that allows password recovery exploitation.
4
Which versions are affected by CVE-2026-45217?
CVE-2026-45217 affects the WordPress Stripe Payment Gateway for WooCommerce plugin up to version 5.0.7.
5
What impact does CVE-2026-45217 have on my website?
CVE-2026-45217 could allow unauthorized access through authentication bypass, potentially compromising user accounts.