Vulnerabilities

CVE-2025-49352

by Fred · 31/12/2025

Authorization Bypass Through User-Controlled Key vulnerability in YoOhw Studio Order Cancellation & Returns for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Cancellation & Returns for WooCommerce: from n/a through 1.1.10.

More information : https://vdp.patchstack.com/database/wordpress/plugin/wc-order-cancellation-return/vulnerability/wordpress-order-cancellation-returns-for-woocommerce-plugin-1-1-10-insecure-direct-object-references-idor-vulnerability?_s_id=cve

Similar

Tags: Cybersecurity Alert