CVE-2023-35049
WordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerabilityMissing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0.
We have discovered 14,572 live websites that are affected by CVE-2023-35049.
Affected Software
| Product |  WooCommerce Stripe Payment Gateway |
| Category | Wordpress Plugins |
| Vulnerable Domains | 14,572 live websites (25.27% of WooCommerce Stripe Payment Gateway install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 141 versions ( 81.03% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Jun 19, 2024
- Updated - Aug 2, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2023-35049 usage by Country
 United States | 5,748 websites |
 France | 1,897 websites |
 Germany | 1,374 websites |
 GB | 1,203 websites |
 Australia | 536 websites |
 Spain | 522 websites |
 Italy | 413 websites |
 Japan | 330 websites |
 Switzerland | 313 websites |
 Canada | 244 websites |
CVE-2023-35049 usage by TLD
| .com | 8,076 websites |
| .co.uk | 1,000 websites |
| .fr | 659 websites |
| .com.au | 639 websites |
| .org | 353 websites |
| .it | 339 websites |
| .de | 302 websites |
| .es | 268 websites |
| .net | 224 websites |
| .ca | 211 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-35049
Top websites that are affected by CVE-2023-35049. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **********.com | United States | *,*** | |
| ***********.net | United States | **,*** | |
| **********.com | United States | **,*** | |
| ************.com | United States | **,*** | |
| **************.org | United States | **,*** | |
| *********.***.uk | United States | **,*** | |
| ********.org | United States | **,*** | |
| **********.com | France | **,*** | |
| *******.**.uk | GB | **,*** | |
| ******.com | United States | **,*** |
FAQ
CVE-2023-35049 is Missing Authorization in WooCommerce Stripe Payment Gateway
A total of 14,572 websites have been identified as vulnerable to CVE-2023-35049, discovered through global website indexing conducted by WebTechSurvey.
WooCommerce Stripe Payment Gateway is susceptible to CVE-2023-35049 vulnerability.
WooCommerce Stripe Payment Gateway versions before, and including, 7.4 are vulnerable to CVE-2023-35049.