Searchenginejournal.com

WPForms Plugin Vulnerability Affects Up To 6 Million Sites

The WPForms plugin for WordPress exposes websites to a vulnerability that allows attackers to update subscriptions and issue refunds. This flaw enables attackers to modify data they normally should ...
Bleeping Computer

WPForms bug allows Stripe refunds on millions of WordPress sites

A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. Tracked under ...
TechRadar

Security flaw in top WordPress plugin could allow for Stripe refunds on millions of sites

WPForms is installed on more than six million websites across the internet, with roughly half currently running an old and vulnerable version. Researchers have not yet found evidence of abuse in the ...
heise online

Wordpress: WPForms plug-in tears security hole in 6 million websites

Attackers can abuse a loophole in the Wordpress plug-in WPForms to reverse payments, for example. Six million websites use the plug-in. The Wordpress plug-in WPForms is one of the most popular ...