Support » Plugin: WooCommerce » Incorrect Value Passed to PayPal

  • Resolved DavidBowen

    (@davidbowen)


    I have a scammer who seems to be able to bypass the value passed to PayPal and ends up paying just £0.01 for a £55.00 value product. PayPal tell me the transaction is legitimate and that the problem is with Woocommerce.

    Any else encountered this?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Gerhard Potgieter

    (@kloon)

    It is possible for anyone to fake a PayPal request and make payment for any amount, however the key to securing this all is in the response from PayPal.

    What happens in WooCommerce is that the customer will be redirect to PayPal with a special URL which contains all the payment details, this can be altered by anyone, once they make payment on PayPal, PayPal will send back a request to the store with the payment details, WooCommerce will then validate those details to ensure the order was paid correctly with the full amounts, if not the order status will fail.

    Always check your order statuses before shipping to ensure payment was correct, there is not much we can do beside validating the payment before changing the order status.

    Thanks for the feedback. And yes, you are correct about the order status. I checked some of the failed orders and can see an alert message in the admin

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.