Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

What happens if someone modifies the product price in an hacking attempt

by

Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › WP eStore F.A.Q/Instructions › What happens if someone modifies the product price in an hacking attempt

Tagged: PayPal Hack

  • This topic has 4 replies, 5 voices, and was last updated 8 years, 8 months ago by wzp.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • August 7, 2010 at 9:41 am #1638
    amin007
    Participant

    There is this old trick whereby someone tries to modify the prices shown on a webpage by injecting queries into the form but this trick doesn’t work on WP eStore.

    WP eStore has post payment verification that checks the amount paid against the correct amount of the product stored in the database. So if someone dynamically changed the price on the webpage then the post payment verification of eStore will catch this and flag the transaction as a scam (no download links will be given to the customer for this payment).

    More details on WP eStore’s post payment verification can be found here:

    http://www.tipsandtricks-hq.com/ecommerce/wordpress-ecommerce-knowledgebase-523#payment-verification

    I am sure the scammer won’t make a noise about it as they know that they were trying to steal, so you get to keep the money they paid too :)

    So in summary, the post payment verification of eStore will fail if anyone tampers with the data and eStore won’t update the database. WP eStore will automatically detect this tampering and send you (the admin) an email when this happens (with some details) so you can investigate this further.

    August 8, 2010 at 1:48 pm #23136
    SMaz
    Member

    This should be added somewhere on your features list if it isn’t already. A great selling point.

    July 30, 2014 at 4:33 am #23137
    jgroup
    Member

    Well, something else happened then. Someone found a security hole in Paypal and told me as much. This is the Google translator version from the French:

    A flaw in the paypal payment mode that allows change the price of an order given by altering :) brief must change the mode of payment paypal on your site by another as ifthat is not secure. well worth a free pack? : 3 no … okay: p

    So, there is a security hole somewhere.

    July 30, 2014 at 5:31 am #23138
    admin
    Keymaster

    There is no hole. Ignore emails like these (it is likely a scammer).

    July 30, 2014 at 1:35 pm #23139
    wzp
    Moderator

    @jgroup — Every few years, like clockwork, this question comes up:

    https://support.tipsandtricks-hq.com/forums/topic/security-vulnerability

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • WP PDF Stamper Documentation
  • WP Photo Seller Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial
  • WP Photo Seller Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2023 | Tips and Tricks HQ