WordPress Plugin Vulnerabilities
Wallet for WooCommerce < 1.5.7 - Subscriber+ Funds Creation
Description
The plugin is vulnerable to incorrect conversion between numeric types. This is due to a numerical logic flaw when transferring funds to another user. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create funds during a transfer and distribute these funds to any number of other users or their own account, rendering products free. Attackers could also request to withdraw funds if the Wallet Withdrawal extension is used and the request is approved by an administrator.
Affects Plugins
References
Miscellaneous
Original Researcher
stealthcopter
Verified
No
WPVDB ID
Timeline
Publicly Published
2024-11-27
Added
2024-12-02
Last Updated
2024-12-02