cleantalk
Vulnerabilities and Security Researches

Accept Stripe Payments, CVE-2021-47983

CVE, Research URL

CVE-2021-47983

Home page URL

Security reports for Accept Stripe Payments

Application

Accept Stripe Payments

Published on
Jun 08, 2026
Research Description
WordPress Plugin Stripe Payments 2.0.39 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the AcceptStripePayments-settings[currency_code] parameter. Attackers can submit POST requests to /wp-admin/options.php with script payloads in the currency_code field to execute arbitrary JavaScript in administrator browsers when settings are viewed.
Affected versions
max 2.0.39.
Status
vulnerable
Previous vulnerability researches
WPC Product Bundles for WooCommerce (CVE-2026-48883) , Jun 09, 2026
WPC Product Bundles for WooCommerce (CVE-2023-52127) , Jun 07, 2024
WPC Product Bundles for WooCommerce (CVE-2026-32406) , Mar 29, 2026
New vulnerability
WP Time Slots Booking Form (CVE-2026-48882) , Jun 10, 2026
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2026-49768) , Jun 10, 2026
Accept Stripe Payments (CVE-2021-47983) , Jun 10, 2026
Recipe Card Blocks for Gutenberg & Elementor – Best WordPress Recipe Plugin (CVE-2026-3011) , Jun 10, 2026
Drag and Drop Multiple File Upload – Contact Form 7 (CVE-2026-49055) , Jun 10, 2026