Primary

Context

ThemeHigh Stripe Payment Gateway for WooCommerce Broken Authentication Vulnerability

Vulnerability

Patched

A vulnerability allowing authentication bypass has been identified in the ThemeHigh Stripe Payment Gateway for WooCommerce, affecting versions through 5.0.7. This vulnerability allows exploitation of the password recovery process, potentially leading to unauthorized actions that should only be performed by users with higher privileges.

Impact

Exploitation of this vulnerability could allow a malicious actor to perform actions reserved for higher privileged users, potentially gaining administrative access to the website.

Remediation

Users of the ThemeHigh Stripe Payment Gateway for WooCommerce should update to version 5.0.8 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: May 26, 2026, 5:59 PM

Updated: May 26, 2026, 5:59 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

9.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

9.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ThemeHigh Stripe Payment Gateway for WooCommerce Broken Authentication Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ThemeHigh Stripe Payment Gateway

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating