PatchSiren

wpdesk CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM wpdesk CVE published 2026-07-13

CVE-2026-57402

CVE-2026-57402 is a Stored XSS vulnerability in Flexible Refund and Return Order for WooCommerce. The issue affects Flexible Refund and Return Order for WooCommerce from n/a through <= 1.0.51. This vulnerability has a CVSS score of 6.5 and a severity of MEDIUM. The vulnerability is caused by improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS). The vulnerab [truncated]