12 matches found
EUVD-2025-24962
Malicious code in bioql PyPI...
CVE-2025-6025
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the data-tip attribute, which makes it possible for unauthenticated attackers to apply an...
CVE-2025-6025
CVE-2025-6025 concerns the Order Tip for WooCommerce plugin (WordPress) with unauthenticated input validation failure on the data-tip attribute, affecting all versions up to 1.5.4. The issue enables callers to submit tip values (including negative amounts) that can yield unauthorized discounts, p...
CVE-2025-6025 Order Tip for WooCommerce <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the data-tip attribute, which makes it possible for unauthenticated attackers to apply an...
CVE-2025-6025 Order Tip for WooCommerce <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the data-tip attribute, which makes it possible for unauthenticated attackers to apply an...
WordPress plugin Order Tip for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2025-33427 · WordPress · Order Tip For Woocommerce
Name of the Vulnerable Software and Affected Versions: Order Tip for WooCommerce versions up to and including 1.5.4. Description: The Order Tip for WooCommerce plugin for WordPress is susceptible to improper input validation. The lack of server-side validation on the data-tip attribute allows...
CVE-2024-1119
The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin's order fees...
CVE-2024-1119
CVE-2024-1119 – Order Tip for WooCommerce (WordPress): Unauthenticated users can export the plugin’s order fees due to a missing authorization check in export_tips_to_csv() across all versions up to 1.3.1. This is a broken access control vulnerability that enables data exposure. A fix is availab...
CVE-2024-1119 Order Tip for WooCommerce <= 1.3.1 - Missing Authorization to Unauthenticated Data Export
The Order Tip for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_tips_to_csv function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to export the plugin's order fees...
WordPress Order Tip for WooCommerce Plugin <= 1.3.1 is vulnerable to Broken Access Control
Software: Order Tip for WooCommerce; Type: Plugin; Vulnerable versions: <= 1.3.1; Fixed in: 1.4.0; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-1119; Patch priority: Low; CVSS severity: Low 5.3; PSID: 6f66f4219506; Credits: Francesco Carlucci...
WordPress Plugin Order Tip for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...