Searchenginejournal.com

WPForms Plugin Vulnerability Affects Up To 6 Million Sites

The WPForms plugin for WordPress exposes websites to a vulnerability that allows attackers to update subscriptions and issue refunds. This flaw enables attackers to modify data they normally should ...
Bleeping Computer

WPForms bug allows Stripe refunds on millions of WordPress sites

A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. Tracked under ...
TechRadar

Security flaw in top WordPress plugin could allow for Stripe refunds on millions of sites

Security researchers found a flaw in WPForms, a popular WordPress plugin for forms The bug allows malicious actors to ask for Stripe refunds and cancel certain subscriptions Developers were notified, ...