Key Information Commit: 3378214 File: event-tickets/tags/5.26.6/src/Tickets/Commerce/Gateways/Free/REST/Order_Endpoint.php Timestamp: 10/14/2025 02:05:45 PM (4 days ago) Author: raSurfaskin Message: Apply modifications to 5.26.6 Vulnerability-Related Code Changes New Feature: - Starting with version 5.26.6, cart validation has been added to reject empty carts and carts containing paid items. Critical Code Snippet: Potential Vulnerability Analysis Cart Validation: The newly added cart validation logic ensures that only carts with a total of $0.00 can proceed with free order processing. This likely addresses a previously existing vulnerability that allowed empty carts or carts containing paid items to be processed as free orders. Error Handling: Returns a object with an HTTP status code of 400, ensuring clients can properly handle invalid requests. Security Enhancement: By strictly validating cart contents and total amount, this change prevents potential abuse, such as exploiting empty carts or partially paid items to process free orders.