Security Advisory

CVE-2026-2892

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-30 13:28:21
Last updated 2026-05-01 16:38:40
Assigner Wordfence
State PUBLISHED

Description

The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due to the get_customer_data method relying on an unsigned o_stripe_data cookie to determine Stripe product ownership for unauthenticated users. The check_purchase method trusts this cookie data without performing server-side verification against the Stripe API for one-time payment mode purchases. This makes it possible for unauthenticated attackers to bypass Stripe purchase-gated content visibility conditions by forging the o_stripe_data cookie with a target product ID, which is publicly exposed in the checkout blocks HTML source.
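The trust problem described above, shown as an added example that is not Otter Blocks code: a check that believes a client-supplied cookie, next to one that only accepts a value carrying a server-side HMAC tag. The cookie layout (a JSON list of product IDs), the function names and the sample product ID are assumptions made for illustration.

```php
<?php
// Added illustration, not the plugin's code. Cookie layout and all names are assumed.

// Weak pattern: ownership is decided by whatever value the client sent.
function owns_product_unsigned(string $cookie, string $product_id): bool {
    $ids = json_decode($cookie, true);
    return is_array($ids) && in_array($product_id, $ids, true);
}

// Hardened pattern: the server issues "<base64 payload>.<HMAC-SHA256 tag>".
function issue_cookie(array $product_ids, string $key): string {
    $payload = base64_encode(json_encode(array_values($product_ids)));
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

function owns_product_signed(string $cookie, string $product_id, string $key): bool {
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return false; // no tag present: reject
    }
    [$payload, $tag] = $parts;
    // Recompute the tag server-side and compare in constant time.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $tag)) {
        return false; // payload was not issued by this server, or was altered
    }
    $ids = json_decode((string) base64_decode($payload, true), true);
    return is_array($ids) && in_array($product_id, $ids, true);
}

$key     = random_bytes(32);        // server-side secret, never sent to the client
$product = 'prod_CONSTRUCTED123';   // constructed sample ID, not a real product

// Case 1: a value the server never issued, checked both ways.
$client_made = json_encode([$product]);
var_dump(owns_product_unsigned($client_made, $product));
var_dump(owns_product_signed($client_made, $product, $key));

// Case 2: a value issued by the server after a confirmed payment.
$issued = issue_cookie([$product], $key);
var_dump(owns_product_signed($issued, $product, $key));
var_dump(owns_product_signed($issued, 'prod_OTHER_CONSTRUCTED', $key));
```

A signed cookie only proves the server issued the value; it can still be copied between browsers, so checking the purchase against the Stripe API on the server, which the description identifies as the missing step, remains the stronger control.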