CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

204 matches found

CVE-2026-49056

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS0.00294EPSS

Exploits0References1

NVD•added 4 days ago•4 views

CVE-2026-39472

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS

Exploits0References1

Vulnrichment•added 4 days ago•3 views

CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS5.2AI score0.00294EPSS

Exploits0References1

Cvelist•added 4 days ago•26 views

CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS0.00294EPSS

Exploits0References1

CVE•added 4 days ago•10 views

CVE-2026-49056

CVE-2026-49056 concerns the WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin, versions

7.5CVSS5.2AI score0.00294EPSS

Exploits0References1

CVE•added 4 days ago•12 views

CVE-2026-39472

The CVE-2026-39472 affects the WordPress WooCommerce PDF Invoices & Packing Slips plugin prior to version 5.9.0, where a PHP Object Injection vulnerability was reported affecting shop manager operations. The root cause is a PHP Object Injection flaw in this plugin version, with CVSS 3.1 base metr...

7.2CVSS5.3AI score0.00446EPSS

Exploits0References1

Cvelist•added 4 days ago•24 views

CVE-2026-39472 WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

Shop manager PHP Object Injection in WooCommerce PDF Invoices & Packing Slips 5.9.0 versions...

7.2CVSS0.00446EPSS

Exploits0References1

Positive Technologies•added 4 days ago•5 views

PT-2026-49499

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...

7.5CVSS5.2AI score0.00294EPSS

Exploits0References2

Patchstack•added 2026/04/20 3:4 p.m.•3 views

WordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions 5.9.0...

5.8AI score0.00446EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/02/19 7:28 a.m.•5 views

CVE-2026-1906

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.0 via the wpoipsedisaveordercustomerpeppolidentifiers AJAX action due to missing capability checks and order ownership validation. This...

4.3CVSS5.7AI score0.00259EPSS

Exploits0References1

Cvelist•added 2026/02/18 5:29 a.m.•27 views

CVE-2026-1906 PDF Invoices & Packing Slips for WooCommerce <= 5.6.0 - Missing Authorization to Authenticated (Subscriber+) Peppol Identifier Modification

4.3CVSS0.00259EPSS

Exploits0References4

ATTACKERKB•added 2026/02/18 5:29 a.m.•5 views

CVE-2026-1906

4.3CVSS5.7AI score0.00259EPSS

Exploits0References5

CNNVD•added 2026/02/18 12:0 a.m.•4 views

WordPress plugin PDF Invoices & Packing Slips for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

4.3CVSS5.8AI score0.00259EPSS

Exploits0References4

Patchstack•added 2026/02/17 11:55 p.m.•3 views

WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 5.6.0 - Missing Authorization to Authenticated (Subscriber+) Peppol Identifier Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Peppol Identifier Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 5.6.0...

4.3CVSS5.5AI score0.00259EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/02/12 1:43 p.m.•2 views

CVE-2026-1748

The Invoct – PDF Invoices & Billing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access...

4.3CVSS5.5AI score0.00309EPSS

Exploits0References1

CNNVD•added 2026/02/11 12:0 a.m.•3 views

WordPress plugin Invoct – PDF Invoices & Billing for WooCommerce 安全漏洞

4.3CVSS5.8AI score0.00309EPSS

Exploits0References6

Patchstack•added 2026/02/10 11:17 p.m.•4 views

WordPress Invoct - PDF Invoices & Billing for WooCommerce plugin <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Information Exposure vulnerability

WordPress Invoct - PDF Invoices & Billing for WooCommerce plugin = 1.6 - Missing Authorization to Authenticated Subscriber+ Information Exposure vulnerability discovered by WordFence in WordPress Plugin Invoct – PDF Invoices & Billing for WooCommerce versions = 1.6...

4.3CVSS5.5AI score0.00309EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/12/10 2:22 p.m.•2 views

CVE-2025-67589

Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through = 4.9.1...

4.3CVSS7AI score0.002EPSS

Exploits0References1