CYBERHAWK / CVE / CVE-2026-2892

CVE-2026-2892

WordPress Otter Blocks Plugin

HIGH CVSS 7.5 vibe

The flaw

Purchase verification bypass allows unauthenticated attackers to forge Stripe ownership via unsigned cookies.

What to do

Update to version 3.1.5 or later

▸ Scan my repo for CVE-2026-2892

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-01 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits