Stops checkout abuse in Woo
- added failed-order rate limiting for logged-in customers
- blocks checkout for 24 hours after 3 failed orders within a 24-hour period
- retains existing account-age and order-interval protections
- added minimum time between orders requirement (default 1800 seconds)
- blocks rapid repeat checkout attempts from the same logged-in account
- keeps order interval setting filterable via
block_automated_checkout_min_order_interval - improved timestamp handling for checkout timing validation
- keeps minimum account age protection in place before checkout
- added minimum account age requirement before checkout (default 300 seconds)
- blocks immediate first-order attempts from newly registered accounts
- improves protection against register-and-test card validation abuse
- removed strict WooCommerce checkout nonce enforcement
- relies on WooCommerce core nonce validation
- retains session and cart validation safeguards
- improves compatibility with cached or stale checkout sessions
- initial release
- supports PHP 7.0 to 8.3
- supports Git Updater
Tested up to: 6.9- blocks checkout requests without a valid WooCommerce checkout nonce
- blocks checkout requests without an active WooCommerce session or cart
- mitigates scripted, stateless, non-interactive and non-browser checkout attempts
- uses native WooCommerce notices for failed requests