CVE-2025-12634 | Refund Request for WooCommerce Plugin up to 1.0 on WordPress Refund Status Update update_refund_status authorization

A vulnerability identified as problematic has been detected in Refund Request for WooCommerce Plugin up to 1.0 on WordPress. The impacted element is the function update_refund_status of the component Refund Status Update Handler. The manipulation leads to missing authorization.

This vulnerability is documented as CVE-2025-12634. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More