
CVE-2025-15475: CWE-862 Missing Authorization in payhere PayHere Payment Gateway Plugin for WooCommerce

Severity: Medium
Published: Wed Jan 14 2026 (01/14/2026, 06:40:08 UTC)
Source: CVE Database V5
Vendor/Project: payhere
Product: PayHere Payment Gateway Plugin for WooCommerce

Description

The PayHere Payment Gateway Plugin for WooCommerce for WordPress is vulnerable to unauthorized modification of data due to improper validation logic in the check_payhere_response function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to change the status of pending WooCommerce orders to paid/completed/on hold.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 02/27/2026, 11:59:15 UTC

Technical Analysis

CVE-2025-15475 is a vulnerability classified under CWE-862 (Missing Authorization) found in the PayHere Payment Gateway Plugin for WooCommerce, a popular WordPress plugin used to process payments. The vulnerability exists due to improper validation logic within the check_payhere_response function, which is responsible for verifying payment responses from the PayHere gateway. Specifically, the plugin fails to enforce proper authorization checks before allowing changes to the status of WooCommerce orders. As a result, unauthenticated attackers can remotely send crafted requests that manipulate the status of pending orders, changing them to paid, completed, or on hold states without any authentication or user interaction. This flaw compromises the integrity of order data by allowing unauthorized status modifications, potentially enabling attackers to fraudulently mark unpaid orders as paid or alter order processing states. The vulnerability affects all versions up to and including 2.3.9 of the plugin. The CVSS v3.1 base score is 5.3, reflecting a medium severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). There is no impact on confidentiality or availability, only on integrity. No patches or fixes are currently linked, and no known exploits have been reported in the wild as of the publication date. The vulnerability was reserved and published in early January 2026.

Potential Impact

The primary impact of CVE-2025-15475 is the unauthorized modification of WooCommerce order statuses, which undermines the integrity of e-commerce transaction data. Organizations using the PayHere Payment Gateway Plugin risk fraudulent manipulation of order states, such as marking unpaid orders as paid or altering order processing workflows. This can lead to financial losses, accounting discrepancies, and damage to customer trust. Additionally, attackers could exploit this flaw to disrupt business operations by placing orders in incorrect states, potentially complicating order fulfillment and customer service processes. Although confidentiality and availability are not directly affected, the integrity breach can have cascading effects on business reputation and operational reliability. The ease of exploitation without authentication or user interaction increases the risk of widespread abuse, especially in environments with high transaction volumes. Organizations relying on this plugin for payment processing should consider the risk significant enough to warrant immediate attention.

Mitigation Recommendations

1. Monitor for updates from the PayHere plugin vendor and apply security patches promptly once released.
2. Until an official patch is available, implement server-side validation controls to verify order status changes, ensuring that only authorized and authenticated requests can modify order states.
3. Restrict access to the payment response endpoint by IP whitelisting or firewall rules to allow only legitimate PayHere gateway IP addresses.
4. Enable detailed logging and alerting on order status changes to detect suspicious or unauthorized modifications quickly.
5. Consider deploying a Web Application Firewall (WAF) with custom rules to block anomalous requests targeting the check_payhere_response function.
6. Conduct regular audits of WooCommerce order statuses to identify and rectify any fraudulent changes.
7. Educate the e-commerce and IT teams about this vulnerability to ensure rapid incident response if exploitation is suspected.
8. Review and harden the overall WooCommerce and WordPress security posture, including plugin updates and least privilege principles.
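The audit in recommendations 4 and 6 can be run as a reconciliation of order statuses against the gateway's own settlement records. The script below is an added example, not code from the plugin or the vendor. The record layouts, field names and sample rows are constructed assumptions, and mapping "paid" to WooCommerce's `processing` status is also an assumption.

```python
from decimal import Decimal

# Statuses the advisory says can be set on a pending order without authorization.
# Assumption: "paid" corresponds to WooCommerce's "processing" status slug.
FORGEABLE_STATUSES = {"processing", "completed", "on-hold"}

# Constructed sample data; field names are assumptions, not a real export schema.
ORDERS = [
    {"id": 1001, "status": "completed", "method": "payhere", "total": "2500.00", "currency": "LKR"},
    {"id": 1002, "status": "processing", "method": "payhere", "total": "900.00", "currency": "LKR"},
    {"id": 1003, "status": "on-hold", "method": "payhere", "total": "120.00", "currency": "LKR"},
    {"id": 1004, "status": "pending", "method": "payhere", "total": "75.00", "currency": "LKR"},
    {"id": 1005, "status": "completed", "method": "cod", "total": "60.00", "currency": "LKR"},
]
SETTLEMENTS = [  # constructed rows standing in for a gateway settlement report
    {"order_id": 1001, "amount": "2500.00", "currency": "LKR", "state": "success"},
    {"order_id": 1002, "amount": "9.00", "currency": "LKR", "state": "success"},
]

def audit_orders(orders, settlements, method="payhere"):
    """Return (order_id, reason) for orders in a paid-like status that the
    gateway's settlement records do not back up."""
    settled = {}
    for row in settlements:
        if row["state"] == "success":
            settled.setdefault(row["order_id"], []).append(row)
    findings = []
    for order in orders:
        # Only orders paid through this gateway and sitting in a forgeable status matter.
        if order["method"] != method or order["status"] not in FORGEABLE_STATUSES:
            continue
        rows = settled.get(order["id"], [])
        if not rows:
            findings.append((order["id"], "no settlement record"))
            continue
        # Compare money as Decimal, and only in the order's own currency.
        paid = sum(Decimal(r["amount"]) for r in rows if r["currency"] == order["currency"])
        if paid != Decimal(order["total"]):
            findings.append((order["id"], f"settled {paid} != order total {order['total']}"))
    return findings

if __name__ == "__main__":
    for order_id, reason in audit_orders(ORDERS, SETTLEMENTS):
        print(f"order {order_id}: {reason}")
```

Every finding is an order to review by hand before fulfillment; an on-hold order with no settlement may be legitimate, but it is also one of the states the flaw allows to be set.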


Technical Details

Data Version: 5.2
Assigner Short Name: Wordfence
Date Reserved: 2026-01-07T10:41:20.920Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69673f948330e06716b84f88

Added to database: 1/14/2026, 7:02:44 AM

Last enriched: 2/27/2026, 11:59:15 AM

Last updated: 3/24/2026, 12:48:39 AM
