Popup stealing customer info?

Hi there! I initially reached out to Woocommerce (see post here) but it seems that Storefront may be involved. Here’s the issue:

I am concerned that a newly appearing popup is stealing customers’ credit card info. A few days ago, someone bought something off our website. After clicking “Place Order”, a popup appeared asking for credit card information. She filled it out. The next day, there were unauthorized charges on her card.

Apparently the button “Proceed to Paypal” is being incorrectly replaced with a custom “Place Order” button which leads instead to the popup.

There’s no other evidence of the site being hacked. Additionally, our hosting provider (shared hosting) says there have been no recent data breaches on the server, and there are no malicious/corrupted files either on the server in general or our website files specifically.

I went to troubleshoot, with the theme Twenty Twenty Three and only the Woocommerce plugin enabled. And voila, the issue disappeared. One by one, I enabled plugins to see which was causing the issue, and to my surprise, none of them caused a problem. So then I reactivated the Storefront theme, and that was when the issue came back. So it would seem that the Storefront theme is the one causing the button replacement/popup.

Thanks for bearing with me in this long post. What are the next steps I need to take? Any help would be greatly appreciated!

The page I need help with: [log in to see the link]