Order Tip for WooCommerce Unauthenticated Input Validation Vulnerability
Vulnerability
A vulnerability exists in the Order Tip for WooCommerce plugin for WordPress in all versions up to and including 1.5.4. The plugin performs inadequate server-side validation of the tip amount carried in the 'data-tip' attribute, so unauthenticated attackers can submit excessively high or negative tip amounts. Because the submitted value is applied to the order total as-is, a negative tip acts as an unauthorized discount and can potentially reduce an order to zero, allowing it to be processed for free.
Impact
Exploitation of this vulnerability could result in unauthorized discounts being applied to WooCommerce orders, with the potential to create free orders by submitting specific tip values.
Reproduction
Because the plugin performs no server-side validation of the 'data-tip' value, an unauthenticated user can modify the request data so that it carries an excessively high or negative tip amount. The value is then processed as a valid tip, producing an unauthorized discount on the order.
Remediation
Users can update to Order Tip for WooCommerce version 1.5.5 or later, where this vulnerability has been addressed.
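The root cause described above is a numeric input that is trusted straight from the client. The following PHP is an added example written for this advisory, not code from the Order Tip for WooCommerce plugin or its 1.5.5 fix: it contrasts the weak pattern (cast and use) with a server-side check that rejects non-numeric, negative, zero and oversized tips, and wires the check into the standard WooCommerce fee hook. The function names, the session key and the cap policy (tip may not exceed the cart subtotal) are assumptions; the hook, `WC()->session->get()`, `get_subtotal()` and `add_fee()` are standard WooCommerce APIs.

```php
<?php
// Added example (not the plugin's own code): server-side validation of a
// customer-supplied tip amount. Function names, the session key and the cap
// policy are hypothetical.

/**
 * The weak pattern the advisory describes: the client-supplied value is
 * trusted as-is, so "-50" or "999999" becomes a negative or huge fee.
 */
function weak_tip_amount( $raw ) {
    return (float) $raw; // no type, sign or range check
}

/**
 * Hardened: returns the validated tip as a float, or null when the input
 * must be rejected.
 *
 * @param mixed $raw       Raw request value (e.g. from $_POST or the session).
 * @param float $subtotal  Current cart subtotal, used to cap the tip.
 * @param float $max_ratio Maximum tip as a fraction of the subtotal (hypothetical policy).
 */
function validate_tip_amount( $raw, $subtotal, $max_ratio = 1.0 ) {
    // Only scalars are acceptable; arrays/objects are rejected outright.
    if ( ! is_string( $raw ) && ! is_int( $raw ) && ! is_float( $raw ) ) {
        return null;
    }
    // Strict decimal pattern instead of is_numeric(), which would also accept
    // exponent notation ("1e9") and leading whitespace.
    $raw = trim( (string) $raw );
    if ( ! preg_match( '/^\d+(\.\d{1,2})?$/', $raw ) ) {
        return null; // rejects negatives, empty strings, "1e9", "abc", etc.
    }
    $tip = round( (float) $raw, 2 );
    if ( $tip <= 0 ) {
        return null; // a zero tip is simply "no tip"
    }
    // Upper bound: never apply a tip larger than the policy fraction of the subtotal.
    $cap = round( (float) $subtotal * $max_ratio, 2 );
    if ( $tip > $cap ) {
        return null;
    }
    return $tip;
}

// Standard WooCommerce wiring (generic pattern, not the plugin's implementation):
// re-validate the stored tip on every totals calculation and add it as a fee
// only if it passes. Guarded so the file also parses outside WordPress.
if ( function_exists( 'add_action' ) ) {
    add_action( 'woocommerce_cart_calculate_fees', function ( $cart ) {
        $raw = WC()->session->get( 'example_tip_amount' ); // hypothetical session key
        $tip = validate_tip_amount( $raw, $cart->get_subtotal() );
        if ( null === $tip ) {
            return; // drop invalid tips rather than applying them
        }
        $cart->add_fee( __( 'Tip', 'example-textdomain' ), $tip, false );
    } );
}
```

The important design choice is that the check runs at the point where the fee is applied, not only when the value is first received: WooCommerce recalculates totals on every cart and checkout request, so a value that was accepted into the session earlier still gets re-validated against the current subtotal before it affects the order.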