A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million active installations globally. This flaw, identified by researcher villu164 through the Wordfence Bug Bounty Program, allows authenticated users with at least subscriber-level permissions to issue unauthorized refunds for Stripe payments and cancel Stripe subscriptions. The vulnerability, categorized […]

The post WPForms Vulnerability Let Users Issues Subscription Payments appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/wpforms-vulnerability/