Magento 2 | Stripe Plugin Upgrade Issue

eCommerce Shopping Cart Magento logo

Environment:

Magento 2.3.4, Stripe Payment (Pre 1.8.8).

Background:

8th July 2020 Stripe notified us via email about a known cross scripting exploit and vulnerability and that we needed to upgrade.

Problem:

Attempts to upgrade from the Cryoznic version of the Stripe plugin to the New Official Stripe plugin failed.

Consequential Problems:

Security vulnerability in the Stripe plugin.

What we tried:

  • Deleting previous instances of the plugin (files and database)
  • Installing on clean Magento local version as per the install/migrate link here

Solution for this case:

Currently preparing fix and due to appear shortly.

From Stripe:
'We’ve discovered a security issue with the Magento plugin that you use to accept payments with Stripe. We’ve fixed this issue in the latest version. You should update your plugin as soon as possible. Here’s how to update: https://stripe.com/docs/plugins/magento/install?platform=magento2#migration
....
In versions prior to 1.8.8, your Magento webstore was vulnerable to an attacker who could potentially inject code to see your customers’ details (called cross-site scripting), including addresses or card tokens.'



Get a Quote

If you would like a bespoke price for your web design project, please complete the form shown here and we'll get back to you.

Web Design Articles

Share the Post:

Related Posts

AI logos (Gemini, Chat GPT)

How You Can Rank High in AI

As AI-powered tools like ChatGPT rapidly transform how people search, we’re entering a new digital gold rush—where visibility is no longer earned through traditional SEO alone. If your website isn’t structured for AI, you risk becoming invisible just as a new wave of search dominance begins. To stay competitive, your content must be clear, trustworthy, and AI-readable. In this guide, we’ll walk you through a 10-point plan to build websites that not only rank in search engines—but also get cited in AI-generated answers. Whether you’re starting fresh or optimising an existing site, now is the time to act and get ahead of the curve—before your competitors do.

Read More