Headline
CVE-2023-3162: Changeset 2925361 for payment-gateway-stripe-and-woocommerce-integration – WordPress Plugin Repository
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification of the user supplied during a Stripe checkout return handled by the plugin: the return handler logged the visitor in as the owner of an order that was identified only by a request parameter. This allows unauthenticated attackers to log in as any user who has an order, typically a customer.
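An added example, not code from the plugin or the changeset, that sets the pattern the changeset deletes beside a return handler that never creates a session from request data. The function names, the `example` text domain and the `key` query parameter are assumptions made for illustration; the WooCommerce and WordPress calls (`wc_get_order`, `wc_set_customer_auth_cookie`, `get_order_key`, `wp_die`, `hash_equals`) are real.

```php
<?php
/**
 * Added example, not code from the plugin or the changeset.
 * Function names, the 'example' text domain and the 'key' parameter
 * are assumptions made for illustration.
 */

// VULNERABLE: the order id and the createaccount flag are both query
// parameters. Order ids are typically sequential, so any visitor who
// guesses one becomes the customer who placed that order.
function example_vulnerable_return_handler() {
    $order_id = intval( $_GET['order_id'] );
    $order    = wc_get_order( $order_id );

    if ( isset( $_GET['createaccount'] ) && absint( $_GET['createaccount'] ) == 1 ) {
        $user_id = $order->get_user_id();
        wc_set_customer_auth_cookie( $user_id ); // session now belongs to that user
    }
}

// HARDENED: do what the changeset does and never call
// wc_set_customer_auth_cookie() from a return URL. A guest who needs the
// order must present the order key, the per-order random value WooCommerce
// already uses for its own order-received page, compared in constant time.
// The handler only returns the order; it never changes who the visitor is.
function example_hardened_return_handler() {
    $order_id = isset( $_GET['order_id'] ) ? absint( $_GET['order_id'] ) : 0;
    $order    = $order_id ? wc_get_order( $order_id ) : false;
    $key      = isset( $_GET['key'] ) ? sanitize_text_field( wp_unslash( $_GET['key'] ) ) : '';

    if ( ! $order || '' === $key || ! hash_equals( $order->get_order_key(), $key ) ) {
        wp_die(
            esc_html__( 'Access Denied', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }

    // A logged-in visitor must also own the order (get_user_id() is 0 for guest orders).
    $owner = $order->get_user_id();
    if ( is_user_logged_in() && $owner && get_current_user_id() !== $owner ) {
        wp_die(
            esc_html__( 'Access Denied', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }

    return $order; // caller renders the thank-you page; no auth cookie is ever set here
}
```

The order key only proves that the requester saw the checkout return URL; it is enough to show a thank-you page, as WooCommerce itself does, but not enough to justify issuing a login cookie, which is why the hardened handler does not offer one at all.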
payment-gateway-stripe-and-woocommerce-integration/trunk/includes/class-stripe-checkout.php
r2826371
r2925361
165
165
'type' => 'checkbox',
166
166
'default' => 'no',
167
),
167
),
168
168
);
169
169
}
…
…
278
278
279
279
if ('yes' === $this->collect\_shipping) {
280
$session\_data\['shipping\_address\_collection'\]\['allowed\_countries'\] = \[((WC()->version < '2.7.0') ? $order->shipping\_country : $order->get\_shipping\_country())\];
280
$country = ((WC()->version < '2.7.0') ? $order->shipping\_country : $order->get\_shipping\_country());
281
if(empty($country)){
282
$country = ((WC()->version < '2.7.0') ? $order->billing\_country : $order->get\_billing\_country());
283
}
284
if (!empty($country)) {
285
$session\_data\['shipping\_address\_collection'\]\['allowed\_countries'\] = \[$country\];
286
}
281
287
282
288
}
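Review bot: `WC()->version < '2.7.0'` at 280 and 282 compares version strings lexically, so a version such as '10.0.0' sorts before '2.7.0' and selects the legacy `$order->billing_country` property path. The plugin header already requires WC 3.0 or later, so the legacy branch is dead code; drop it, or if it must stay use `version_compare( WC()->version, '2.7.0', '<' )`. The fallback itself is sound: `allowed_countries` is only set at 285 when a country is known, so an order with neither a shipping nor a billing country no longer sends an empty string to Stripe.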
…
…
546
552
'state' => method\_exists($order, 'get\_billing\_state') ? $order->get\_billing\_state() : $order->billing\_state,
547
553
),
548
'name' => (method\_exists($order, 'get\_billing\_first\_name') ? $order->get\_billing\_first\_name() : $order->billing\_first\_name) . (method\_exists($order, 'get\_billing\_last\_name') ? $order->get\_billing\_last\_name() : $order->billing\_last\_name),
554
'name' => (method\_exists($order, 'get\_billing\_first\_name') ? $order->get\_billing\_first\_name() : $order->billing\_first\_name) . " " . (method\_exists($order, 'get\_billing\_last\_name') ? $order->get\_billing\_last\_name() : $order->billing\_last\_name),
549
555
);
550
556
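Review bot: the `" "` added at 554 stops first and last name running together, but when either part is empty the value carries a stray leading or trailing space. Wrap the concatenation in `trim()`, or since WC 3.0 is already the minimum, use `$order->get_formatted_billing_full_name()` and drop the `method_exists` fallbacks.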
…
…
643
649
{
644
650
die(\_e('Access Denied', 'payment-gateway-stripe-and-woocommerce-integration'));
645
}
646
647
$order\_id = intval( $\_GET\['order\_id'\] );
648
$order = wc\_get\_order($order\_id);
649
650
if(isset($\_GET\['createaccount'\]) && absint($\_GET\['createaccount'\])==1)
651
{
652
$userID = (WC()->version < '2.7.0') ? $order->user\_id : $order->get\_user\_id();
653
wc\_set\_customer\_auth\_cookie( $userID );
654
651
}
655
652
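Review bot: deleting 647 to 654 is the right fix: the old block called `wc_set_customer_auth_cookie()` for the owner of whatever `order_id` the request named, gated only by `createaccount=1`, and both are caller-supplied query parameters, so any visitor who knew or guessed an order id became that customer. Two follow-ups. First, `die(_e('Access Denied', ...))` at 650 relies on `_e()` echoing and passes its null return to `die()`; the response still carries HTTP 200 and the string is not escaped. Prefer `wp_die( esc_html__( 'Access Denied', 'payment-gateway-stripe-and-woocommerce-integration' ), '', array( 'response' => 403 ) )`. Second, the condition that guards that `die()` sits above 649 and is not in the hunk; since the removed `$order_id`/`$order` lines show this function used to act on a caller-supplied order id, confirm that nothing remaining in it does so without proof of ownership.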
payment-gateway-stripe-and-woocommerce-integration/trunk/payment-gateway-stripe-and-woocommerce-integration.php
r2903626
r2925361
6
6
* Author: WebToffee
7
7
* Author URI: https://www.webtoffee.com/product/woocommerce-stripe-payment-gateway/
8
* Version: 3.7.7
8
* Version: 3.7.8
9
9
* WC requires at least: 3.0
10
10
* WC tested up to: 7.6.0
…
…
26
26
}
27
27
if (!defined(‘EH_STRIPE_VERSION’)) {
28
define('EH\_STRIPE\_VERSION', '3.7.7');
28
define('EH\_STRIPE\_VERSION', '3.7.8');
29
29
}
30
30
if (!defined(‘EH_STRIPE_MAIN_FILE’)) {
payment-gateway-stripe-and-woocommerce-integration/trunk/readme.txt
r2903626
r2925361
6
6
Tested up to: 6.2
7
7
Requires PHP: 5.6
8
Stable tag: 3.7.7
8
Stable tag: 3.7.8
9
9
License: GPLv3
10
10
License URI: http://www.gnu.org/licenses/gpl-3.0.html
…
…
306
306
== Changelog ==
307
307
308
= 3.7.8 2023-06-13 =
309
310
* [Fix] - Vulnerability issue in Stripe checkout
311
* [Tweak] - Pass billing country to Stripe if the shipping country is not available
312
308
313
= 3.7.7 2023-04-24 =
309
314
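Review bot: the 3.7.8 entry at 310 reads only "Vulnerability issue in Stripe checkout", which does not tell a site owner what was exposed or how urgent the update is. State the class and the identifier, for example "[Fix] - Authentication bypass in Stripe checkout (CVE-2023-3162): unauthenticated visitors could log in as customers who have orders; update immediately", and mirror that wording in the Upgrade Notice, which is the text WordPress shows in the admin update screen.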
…
…
704
709
== Upgrade Notice ==
705
710
706
= 3.7.7 =
707
708
* [Compatibility] - WP 6.2
709
* [Compatibility] - WC 7.6.0
711
= 3.7.8 =
712
713
* [Fix] - Vulnerability issue in Stripe checkout
714
* [Tweak] - Pass billing country to Stripe if the shipping country is not available