Please clarify if this is related to the Stripe Connect key or the Stripe key for accepting payments (set up in WooCommerce/Settings/Payments)? This may be related to WooCommerce because we use the provided Stripe Connect key for back-end requests only, it can’t be rendered in the front-end HTML source code of the website.
Sorry but stripe didn’t mention it in his email. They just explained us that the secret key of our stripe comtpe is visible on the page mentioned above.
They do state, however, that “Access to these keys allows anyone to access the Stripe API, including issuing discounts and refunds to your account, viewing customer data, deleting customers, and viewing your Stripe balance.”
Please make sure that you set the Stripe Connect API key strictly in HivePress/Settings/Integrations/Stripe and not anywhere else, e.g. this issue may occur if you accidentally copied this key to reCaptcha or Google Maps section, because reCaptcha and Google Maps indeed include their keys on the front-end.
This issue may be also related to WooCommerce, e.g. if you use the same key for accepting payments in WooCommerce/Settings/Payments, and for payouts (Stripe Connect) in HivePress/Settings/Integrations/Stripe, these should be separate keys if I remember correctly.