CVE-2025-10570: CWE-639 Authorization Bypass Through User-Controlled Key in wpdesk Flexible Refund and Return Order for WooCommerce
The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.38 via the save_refund_request() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to submit refund requests for arbitrary orders that they do not own.
AI Analysis
Technical Summary
The Flexible Refund and Return Order for WooCommerce plugin suffers from an authorization bypass vulnerability (CWE-639) in the save_refund_request() function. Authenticated users with subscriber-level privileges or above can exploit this flaw to submit refund requests on arbitrary orders without ownership verification. This vulnerability affects all plugin versions up to and including 1.0.38. The CVSS 3.1 base score is 4.3 (medium severity), reflecting network attack vector, low attack complexity, requiring low privileges, no user interaction, unchanged scope, no confidentiality or availability impact, and limited integrity impact. No patch or remediation details are currently provided by the vendor.
Potential Impact
An attacker with subscriber-level access can submit refund requests for orders they do not own, potentially causing unauthorized refund processing. This impacts the integrity of the refund process but does not affect confidentiality or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, restrict subscriber-level access to trusted users only and monitor refund request activities for anomalies. Avoid granting unnecessary privileges to users. Follow vendor updates closely for an official fix.
CVE-2025-10570: CWE-639 Authorization Bypass Through User-Controlled Key in wpdesk Flexible Refund and Return Order for WooCommerce
Description
The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.38 via the save_refund_request() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to submit refund requests for arbitrary orders that they do not own.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Flexible Refund and Return Order for WooCommerce plugin suffers from an authorization bypass vulnerability (CWE-639) in the save_refund_request() function. Authenticated users with subscriber-level privileges or above can exploit this flaw to submit refund requests on arbitrary orders without ownership verification. This vulnerability affects all plugin versions up to and including 1.0.38. The CVSS 3.1 base score is 4.3 (medium severity), reflecting network attack vector, low attack complexity, requiring low privileges, no user interaction, unchanged scope, no confidentiality or availability impact, and limited integrity impact. No patch or remediation details are currently provided by the vendor.
Potential Impact
An attacker with subscriber-level access can submit refund requests for orders they do not own, potentially causing unauthorized refund processing. This impacts the integrity of the refund process but does not affect confidentiality or availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, restrict subscriber-level access to trusted users only and monitor refund request activities for anomalies. Avoid granting unnecessary privileges to users. Follow vendor updates closely for an official fix.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-09-16T16:19:08.622Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68f87dba01fe9fee6c20e446
Added to database: 10/22/2025, 6:46:18 AM
Last enriched: 4/9/2026, 9:01:00 AM
Last updated: 5/10/2026, 4:37:54 AM
Views: 231
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.