Hi,
I just stumbled upon two empty orders without any content, no address, nothing…
The attacker used direct Ajax calls like ?wc-ajax=ppc-create-order / ?wc-ajax=ppc-approve-order to create and confirm orders directly.
As a result, orders were created and confirmed, reducing stock.
I wonder how this is possible in the first place and how I can harden the system against attacks like this.
Thanks
Markus
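
One way to look for the pattern described in the post above in a web server access log, as an added example that is not part of the original post: it flags clients that call the two wc-ajax endpoints without having requested a cart or checkout page earlier in the log. The combined log format, the /cart and /checkout slugs, the function name and the sample lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoints named in the post above.
PPC_ACTIONS = {"ppc-create-order", "ppc-approve-order"}
# Assumption: default WooCommerce page slugs; adjust to the shop's own.
STOREFRONT_PREFIXES = ("/cart", "/checkout")

# Combined log format: ip - - [time] "METHOD target HTTP/x" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def find_direct_ppc_calls(lines):
    """Return (ip, time, action) for each ppc wc-ajax call made by a client
    that had not requested a cart/checkout page earlier in the log."""
    seen_storefront = set()
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip it
        ip, when, _method, target, _status = m.groups()
        url = urlsplit(target)
        actions = set(parse_qs(url.query).get("wc-ajax", [])) & PPC_ACTIONS
        if actions:
            if ip not in seen_storefront:
                findings.extend((ip, when, a) for a in sorted(actions))
        elif url.path.startswith(STOREFRONT_PREFIXES):
            seen_storefront.add(ip)
    return findings

# Constructed sample lines (documentation IP ranges), not taken from the post.
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2024:10:15:02 +0000] "GET /checkout/ HTTP/1.1" 200 48211',
    '198.51.100.7 - - [12/Mar/2024:10:15:40 +0000] "POST /?wc-ajax=ppc-create-order HTTP/1.1" 200 312',
    '198.51.100.7 - - [12/Mar/2024:10:15:55 +0000] "POST /?wc-ajax=ppc-approve-order HTTP/1.1" 200 128',
    '203.0.113.45 - - [12/Mar/2024:11:02:10 +0000] "POST /?wc-ajax=ppc-create-order HTTP/1.1" 200 312',
    '203.0.113.45 - - [12/Mar/2024:11:02:11 +0000] "POST /?wc-ajax=ppc-approve-order HTTP/1.1" 200 128',
    '198.51.100.7 - - [12/Mar/2024:11:05:00 +0000] "POST /?wc-ajax=update_order_review HTTP/1.1" 200 900',
    'this line is not in combined log format',
]

if __name__ == "__main__":
    for ip, when, action in find_direct_ppc_calls(SAMPLE_LOG):
        print(f"{when}  {ip}  direct call to wc-ajax={action}")
```

A hit is a lead to compare against the empty orders' timestamps, not proof on its own: a page cache or CDN in front of the shop can hide a client's page views from this log.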