Search criteria
2 vulnerabilities by railmedia
CVE-2025-6025 (GCVE-0-2025-6025)
Vulnerability from cvelistv5 – Published: 2025-08-15 02:24 – Updated: 2025-08-15 12:43
VLAI?
Title
Order Tip for WooCommerce <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts
Summary
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the `data-tip` attribute, which makes it possible for unauthenticated attackers to apply an excessive or even negative tip amount, resulting in unauthorized discount up to free orders depending on the value submitted.
Severity ?
7.5 (High)
CWE
- CWE-602 - Client-Side Enforcement of Server-Side Security
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| railmedia | Order Tip for WooCommerce |
Affected:
* , ≤ 1.5.4
(semver)
|
Credits
Rajesh Singh
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6025",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-15T12:43:50.775732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T12:43:56.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Order Tip for WooCommerce",
"vendor": "railmedia",
"versions": [
{
"lessThanOrEqual": "1.5.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rajesh Singh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the `data-tip` attribute, which makes it possible for unauthenticated attackers to apply an excessive or even negative tip amount, resulting in unauthorized discount up to free orders depending on the value submitted."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-602",
"description": "CWE-602 Client-Side Enforcement of Server-Side Security",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T02:24:22.653Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bcd18bd-032e-4a97-83aa-a377f9b1f435?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/order-tip-woo/trunk/frontend/views/tip-form.php#L49"
},
{
"url": "https://plugins.trac.wordpress.org/browser/order-tip-woo/trunk/assets/build/front.bundle.js"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3318615%40order-tip-woo\u0026new=3318615%40order-tip-woo\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-02T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-06-12T14:44:53.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-14T13:51:21.000Z",
"value": "Disclosed"
}
],
"title": "Order Tip for WooCommerce \u003c= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6025",
"datePublished": "2025-08-15T02:24:22.653Z",
"dateReserved": "2025-06-12T12:07:16.620Z",
"dateUpdated": "2025-08-15T12:43:56.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1119 (GCVE-0-2024-1119)
Vulnerability from cvelistv5 – Published: 2024-03-20 06:48 – Updated: 2024-08-05 16:21
VLAI?
Summary
The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv() function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin's order fees.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| railmedia | Order Tip for WooCommerce |
Affected:
* , ≤ 1.3.1
(semver)
|
Credits
Francesco Carlucci
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:30.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f837d6b-d1fa-4019-892a-dca3c0f29ca7?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/order-tip-woo/trunk/admin/controllers/reports.class.php#L359"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3052259%40order-tip-woo\u0026new=3052259%40order-tip-woo\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:adrian_emil_tudorache:order_tip:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "order_tip",
"vendor": "adrian_emil_tudorache",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T15:34:04.144802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T16:21:47.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Order Tip for WooCommerce",
"vendor": "railmedia",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv() function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin\u0027s order fees."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-20T06:48:26.874Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f837d6b-d1fa-4019-892a-dca3c0f29ca7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/order-tip-woo/trunk/admin/controllers/reports.class.php#L359"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3052259%40order-tip-woo\u0026new=3052259%40order-tip-woo\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-19T00:00:00.000Z",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1119",
"datePublished": "2024-03-20T06:48:26.874Z",
"dateReserved": "2024-01-31T13:23:52.701Z",
"dateUpdated": "2024-08-05T16:21:47.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}