New: optional expiry for the guest withdrawal link. Set WooCommerce → Withdrawal Settings → Guest link validity (days) to a positive number to have the emailed link stop working after that many days (an expired link sends the consumer back to the lookup form). Default is 0 = no expiry, so existing behaviour is unchanged.
Internal: the guest-token issuing and verification logic is now centralised in one place across the form, REST API and My Account flows.
2.15.5
Improved: the compliance-readiness panel on the Withdrawal Settings screen now spans the full content width with a cleaner, WordPress-native two-column layout (styling moved into the admin stylesheet).
2.15.4
Fix: shop managers can now save the plugin settings. The settings save was previously gated by the administrator-only capability even though the screen is available to shop managers, so their changes were silently rejected.
2.15.3
Privacy: the personal-data eraser no longer deletes withdrawal statements whose withdrawal or refund is still in progress (pending/received); these are retained until finalised so a pending reimbursement is never stranded, with only non-essential request metadata removed. Anonymising a retained (refunded) statement now also clears the free-text reason. The personal-data export now includes the received/refunded timestamps and the confirmation channel.
2.15.2
Fix: when an explicit delivery date is recorded for an order, it is now normalised to the shop timezone before the withdrawal deadline is computed, so the final day boundary is correct regardless of the timezone the date was stored in.
2.15.1
Security: the post-submission confirmation page now shows the acknowledgement verification code and certificate link only to the order owner or to a request that carries the matching receipt code, so the code can no longer be revealed by guessing a withdrawal reference number. Affects only the acknowledgement-certificate feature; refund and submission flows are unchanged.
2.15.0
Documentation: the readme now lists the main developer filters and actions inline (eligibility, refunds, lifecycle, security, presentation and integration), instead of linking out for the hook reference.
2.14.0
The wp bzww stats command and the /wp-json/bzww/v1/stats REST endpoint now report the number of open statements past the reimbursement deadline (overdue_refunds), so external monitoring and alerting can track compliance risk.
Fix: the “All” counter on the Withdrawals list now matches every row the list can display.
Internal: the bundled translation compiler now byte-sorts the compiled .mo string table for full gettext conformance.
2.13.0
The dashboard widget now highlights, at the top, when open statements have passed the statutory reimbursement deadline — so the compliance risk is visible on login, not only on the Withdrawals screen.
2.12.0
Fix: Polish translations now use the correct grammatical plural forms for counts (e.g. processed-statement notices and the admin status counters), instead of falling back to English. The translation build tooling now compiles plural forms into the .mo file.
2.11.0
New: the Withdrawals admin screen now shows a warning when open statements have passed the 14-day statutory reimbursement deadline (EU Directive Art. 13(3)), so refunds are not missed. The deadline is filterable via bzww/refund/deadline_days.
2.10.0
The Withdrawals admin list now shows a count next to each status filter (All, Pending, Received, Refunded, Rejected, Trash), so you can see your queue at a glance without opening each view.
2.9.0
New read-only REST endpoint GET /wp-json/bzww/v1/stats (requires the manage_woocommerce capability) returning withdrawal counts by status, the total, the refunded amount and the shop currency — for headless dashboards and monitoring.
2.8.0
The selected predefined withdrawal reason is now stored separately, and the dashboard widget shows the most common reasons over the last 30 days — helping you spot and reduce avoidable returns.
Security: the CSV export now neutralises spreadsheet formula injection in consumer-supplied fields (name, email, reason).
Fix: automatic order-status transition on submission now works for all statuses (a prefix-handling bug previously skipped statuses such as “completed” and “cancelled”).
Hardening: outbound webhook requests no longer follow redirects and reject unsafe (internal) URLs; the Polish holiday preset is now generated algorithmically so it never expires; when a consumer requests a refund to a specific IBAN, automatic reversal to the card is disabled so it can be settled to that account.
2.7.0
New WP-CLI command wp bzww stats — prints withdrawal counts by status and the total refunded, for scripting and monitoring.
2.6.0
The dashboard widget now shows the withdrawal rate — the share of recent orders that resulted in a withdrawal — computed efficiently and cached.
2.5.0
The dashboard widget now also shows the average refund amount and the average time from submission to refund over the last 30 days, alongside the existing status counts and total refunded.
2.4.0
New: a “Record delivery date” order action. From the order screen you can stamp the delivery date that starts the 14-day withdrawal clock — useful for marking the last parcel of a multi-shipment order without a separate tracking plugin. The recorded date takes priority over the configured deadline basis.
2.3.0
New: configurable basis for the withdrawal deadline — start the 14-day clock from the order completed date (default), the order date, or the payment date — plus an optional “grace days” buffer. A delivery date recorded on the order (meta _bzww_delivered_at, e.g. by a tracking/shipping plugin) still takes priority, so multi-shipment deadlines remain accurate.
2.2.0
New (opt-in): outbound webhook notifications. Set a Slack, Discord or generic webhook URL and the plugin posts a small JSON payload when a withdrawal is submitted. Off by default; nothing is sent unless a URL is configured (see Notifications in the settings, and the External services section).
2.1.0
New (opt-in): capture the consumer’s Article 16(m) consent at checkout for carts containing immediately-supplied digital content (virtual + downloadable). The acknowledgement is stored on the order with its text and timestamp and recorded as an order note; it can be shown for the record only or required to complete checkout. Applied to the classic checkout; block (Store API) checkout support is planned.
2.0.0
Milestone release consolidating the compliance toolkit built across the 1.x series: verifiable SHA-256 acknowledgement receipt, printable certificate, always-visible footer/sticky access, Annex I.A/I.B page generator, optional two-step confirmation, optional IBAN field, honeypot + rate limiting, WCAG 2.1 AA forms, and a compliance readiness panel.
New: a contextual Help tab on the settings screen with a quick-start guide and compliance pointers.
Documentation: the plugin description now reflects the full feature set.
No breaking changes — this is a safe upgrade from any 1.x version; settings and existing withdrawal records are preserved.
1.5.0
New: a compliance readiness panel on the settings screen — an at-a-glance checklist (public page published, guest form available, prominent access, withdrawal period, pre-purchase notice, Annex I.A/I.B pages) so you can see what is set up for the directive and what still needs attention.
UI: frontend form controls now inherit the active theme’s typography, with clearer keyboard-focus styles and reduced-motion support, for a cleaner look on default block themes (Twenty Twenty-*) and Storefront.
1.4.0
New: a printable acknowledgement certificate — a clean, self-contained document of the withdrawal declaration (content, submission time and SHA-256 verification code) that the consumer can save as a PDF with the browser print function. Linked from the confirmation email, the on-screen confirmation, and the admin detail screen. No third-party PDF library is bundled.
1.3.0
New: one-click generator for the statutory Annex I texts — a withdrawal-information page (Annex I.A) and a model withdrawal form (Annex I.B), populated from your store details. Available as the shortcodes [bzww_withdrawal_policy] and [bzww_model_form] and as ready-made pages from the settings screen.
New: optional two-step confirmation — a read-only review screen with a separate confirmation control before a withdrawal is recorded (off by default; works without JavaScript).
Frontend styling refined for readability on default block themes (Twenty Twenty-*) and Storefront, inheriting the theme’s typography.
1.2.0
Always-visible access: an optional site-wide footer link (on by default) and an optional dismissible sticky bar make the withdrawal function reachable from every page, in line with the Directive’s “prominent and easily accessible” requirement — no longer only inside the My Account tab.
Added an optional IBAN field to the withdrawal form (off by default) for consumers who ask to be refunded to a specific bank account. It is never mandatory; entries are validated with the IBAN checksum, surfaced in the confirmation email and admin detail, and included in the privacy exporter/eraser.
Accessibility: error messages now use a focus-managed alert region, required fields are explicitly marked, and the sticky bar has a keyboard-accessible dismiss control (WCAG 2.1 AA).
New settings section “Withdrawal access (visibility)” plus an “Offer an IBAN field” toggle.
1.1.0
Acknowledgement of receipt now carries a verifiable SHA-256 code derived from the declaration content, so the confirmation can be checked for tampering — strengthening the durable-medium record required by Directive (EU) 2023/2673.
Confirmation wording now states clearly that it acknowledges receipt only and does not by itself decide whether the withdrawal is effective or accepted, keeping the receipt distinct from any automatic refund.
The verification code is also shown on the on-screen confirmation in My Account and on the public guest page.
Added honeypot spam protection and per-IP rate limiting to the public lookup and guest submission endpoints, hardening them against bots and order-number enumeration.
Internal: centralised client IP / user-agent retrieval used by the audit trail and the new rate limiter.
1.0.2
Pre-escape attribute and label arguments passed to wp_dropdown_pages() on the settings page so the PHPCS escape-output rule no longer flags the call.
1.0.1
Move inline checkbox-toggle script on the admin list screen to an enqueued asset (assets/js/admin-list.js).
Escape the return value of the the_title filter and the WooCommerce endpoint-title filter.
Register the Gutenberg block through a PHP render callback that returns a string, replacing the file-based render that echoed shortcode output.
Document and lint-mark the trust boundary on the Elementor widget’s shortcode echo.
1.0.0
Initial release.
Full EU 2023/2673 compliance: dedicated withdrawal function, immediate confirmation, 14-day refund.
Item-level partial withdrawals with per-line quantity.
Public lookup page (order number + email) — guests submit without an account.
Automatic refund through the original payment gateway when supported.
Admin can override the calculated refund amount per statement.
Configurable withdrawal period (7-60 days).
Deadline calculator with weekend & Polish public-holiday rollover.
Rule engine for excluding products, categories, roles and gateways.
Storefront notices on product / cart / checkout / thank-you with WYSIWYG text.
Four customer status emails (confirmation, received, refunded, rejected) — theme-overridable.
Customer self-service cancellation.
Trash / restore / delete workflow for withdrawal records.
