Refine your search
4 vulnerabilities found for Return Refund and Exchange For WooCommerce by wpswings
CVE-2025-12881 (GCVE-0-2025-12881)
Vulnerability from cvelistv5
Published
2025-11-21 07:31
Modified
2026-04-08 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the wps_rma_fetch_order_msgs() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read other user's order messages.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpswings | Return Refund and Exchange For WooCommerce |
Version: 0 ≤ 4.5.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T16:16:29.563528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T18:03:55.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Return Refund and Exchange For WooCommerce",
"vendor": "wpswings",
"versions": [
{
"lessThanOrEqual": "4.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Powpy"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the wps_rma_fetch_order_msgs() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read other user\u0027s order messages."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:23.231Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c159237-1a3a-4d42-9a2e-fbd6ca98f38e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3394215%40woo-refund-and-exchange-lite\u0026new=3394215%40woo-refund-and-exchange-lite\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-11-07T16:34:12.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T18:56:54.000Z",
"value": "Disclosed"
}
],
"title": "Return Refund and Exchange For WooCommerce \u003c= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Order Message Read"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12881",
"datePublished": "2025-11-21T07:31:53.213Z",
"dateReserved": "2025-11-07T16:19:02.823Z",
"dateUpdated": "2026-04-08T17:11:23.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12086 (GCVE-0-2025-12086)
Vulnerability from cvelistv5
Published
2025-11-21 07:31
Modified
2026-04-08 16:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the 'wps_rma_cancel_return_request' AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other users refund requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpswings | Return Refund and Exchange For WooCommerce |
Version: 0 ≤ 4.5.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-21T14:48:06.465756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:57:29.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Return Refund and Exchange For WooCommerce",
"vendor": "wpswings",
"versions": [
{
"lessThanOrEqual": "4.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Powpy"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.5.5 via the \u0027wps_rma_cancel_return_request\u0027 AJAX endpoint due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other users refund requests."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:36:25.470Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/126e2b92-322e-440c-a924-1b604330f164?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3394215%40woo-refund-and-exchange-lite\u0026new=3394215%40woo-refund-and-exchange-lite\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-22T18:20:54.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-20T18:57:45.000Z",
"value": "Disclosed"
}
],
"title": "Return Refund and Exchange For WooCommerce \u003c= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request Cancellation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-12086",
"datePublished": "2025-11-21T07:31:47.110Z",
"dateReserved": "2025-10-22T18:05:44.982Z",
"dateUpdated": "2026-04-08T16:36:25.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13692 (GCVE-0-2024-13692)
Vulnerability from cvelistv5
Published
2025-02-14 05:22
Modified
2026-04-08 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to overwrite linked refund image attachments, overwrite refund request message, overwrite order messages, and read order messages of other users.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpswings | Return Refund and Exchange For WooCommerce |
Version: 0 ≤ 4.4.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13692",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T15:36:38.202860Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T15:46:13.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Return Refund and Exchange For WooCommerce",
"vendor": "wpswings",
"versions": [
{
"lessThanOrEqual": "4.4.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Return Refund and Exchange For WooCommerce \u2013 Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to overwrite linked refund image attachments, overwrite refund request message, overwrite order messages, and read order messages of other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:26.757Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dafbf6e2-1160-4551-a987-5e94c9157ff2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-refund-and-exchange-lite/trunk/common/class-woo-refund-and-exchange-lite-common.php#L127"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-refund-and-exchange-lite/trunk/common/class-woo-refund-and-exchange-lite-common.php#L186"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-refund-and-exchange-lite/trunk/common/class-woo-refund-and-exchange-lite-common.php#L374"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-refund-and-exchange-lite/trunk/public/class-woo-refund-and-exchange-lite-public.php#L381"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3236486/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T17:19:46.000Z",
"value": "Disclosed"
}
],
"title": "Return Refund and Exchange For WooCommerce \u003c= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13692",
"datePublished": "2025-02-14T05:22:44.354Z",
"dateReserved": "2025-01-23T20:27:10.879Z",
"dateUpdated": "2026-04-08T17:27:26.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13641 (GCVE-0-2024-13641)
Vulnerability from cvelistv5
Published
2025-02-14 05:22
Modified
2026-04-08 16:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.5 via the 'attachment' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/attachment directory which can contain file attachments for order refunds.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| wpswings | Return Refund and Exchange For WooCommerce |
Version: 0 ≤ 4.4.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T15:24:12.336464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T15:24:27.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Return Refund and Exchange For WooCommerce",
"vendor": "wpswings",
"versions": [
{
"lessThanOrEqual": "4.4.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Return Refund and Exchange For WooCommerce \u2013 Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.5 via the \u0027attachment\u0027 directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/attachment directory which can contain file attachments for order refunds."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:56:24.154Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f88a21d-28a9-4c91-9bf9-6b69f6a420e8?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-refund-and-exchange-lite/trunk/common/class-woo-refund-and-exchange-lite-common.php#L127"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3236486/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T17:19:37.000Z",
"value": "Disclosed"
}
],
"title": "Return Refund and Exchange For WooCommerce \u003c= 4.4.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13641",
"datePublished": "2025-02-14T05:22:43.741Z",
"dateReserved": "2025-01-22T23:46:34.907Z",
"dateUpdated": "2026-04-08T16:56:24.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}