CVE-2026-3177

smub · charitable – donation plugin for wordpress – fundraising with recurring donations & more

Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.9.7 - Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook

Description

A vulnerability identified as problematic has been detected in smub Charitable Plugin up to 1.8.9.7 on WordPress. This vulnerability affects the function payment_intent.succeeded of the component Webhook. The manipulation leads to insufficient verification of data authenticity.

Affected Products

Vendor	Product	Versions
smub	charitable – donation plugin for wordpress – fundraising with recurring donations & more	0

References

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-3177 | smub Charitable Plugin up to 1.8.9.7 on WordPress Webhook payment_intent.succeeded data authenticity

→ No new info (linked only)

CVSS 3.15.3 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA KEV❌ No

Actively exploited❌ No

CWECWE-345

PublishedApr 7, 2026

Last enriched1h agov2

Trending Score23

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.9.7 - Insufficient Verification of Data Authenticity to Unauthenticated Donation Status Forgery via Stripe Webhook

Description

Affected Products

References

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline

Version History