Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 13 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 13 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wordpress
Wordpress wordpress Wpdesk Wpdesk flexible Refund And Return Order For Woocommerce |
|
| Vendors & Products |
Wordpress
Wordpress wordpress Wpdesk Wpdesk flexible Refund And Return Order For Woocommerce |
Mon, 13 Jul 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdesk Flexible Refund and Return Order for WooCommerce flexible-refund-and-return-order-for-woocommerce allows Stored XSS.This issue affects Flexible Refund and Return Order for WooCommerce: from n/a through <= 1.0.51. | |
| Title | WordPress Flexible Refund and Return Order for WooCommerce plugin <= 1.0.51 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-13T16:07:52.935Z
Reserved: 2026-06-24T12:46:27.804Z
Link: CVE-2026-57402
Updated: 2026-07-13T16:02:26.951Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-13T13:15:04Z