WordPress Plugin Vulnerabilities

Wallet for WooCommerce < 1.5.7 - Subscriber+ Funds Creation

Description

The plugin is vulnerable to incorrect conversion between numeric types. This is due to a numerical logic flaw when transferring funds to another user. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create funds during a transfer and distribute these funds to any number of other users or their own account, rendering products free. Attackers could also request to withdraw funds if the Wallet Withdrawal extension is used and the request is approved by an administrator.

Affects Plugins

Fixed in 1.5.7

Miscellaneous

Original Researcher: stealthcopter
Verified: No

Timeline

Publicly Published: 2024-11-27
Added: 2024-12-02
Last Updated: 2024-12-02
