CVE Catalog
CVE-2026-42378
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.39%
31th percentile - higher than 31% of all known CVEs
Summary
There is a broken authentication issue in WP Full Stripe Free versions up to 8.4.1, which may lead to unauthorized access to user accounts.
Risk Assessment
The organization may be exposed to unauthorized user actions, potentially resulting in data loss or privacy breaches.
Recommendation
It is recommended to update the WP Full Stripe Free plugin to the latest version to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Broken Authentication in WP Full Stripe Free <= 8.4.1 versions.

