Lucene search
HistoryJan 27, 2024 - 12:15 a.m.
CVE-2024-22147
cve-2024-22147
improper neutralization
special elements
sql injection
woocommerce
pdf invoices
packing slips
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
19.3%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5.
Affected configurations
Node
wpovernightwoocommerce_pdf_invoices\&_packing_slipsRange≤3.7.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpovernight | woocommerce_pdf_invoices\&_packing_slips | * | cpe:2.3:a:wpovernight:woocommerce_pdf_invoices\&_packing_slips:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Sql injection
2024-01-27 00:15:00
vulnrichment
vulnrichment
wpvulndb
wpvulndb
cvelist
cvelist
cve
cve
CVE-2024-22147
2024-01-27 00:15:24
wordfence
wordfence
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
19.3%
Related for NVD:CVE-2024-22147