Lucene search
K

117 matches found

CNNVD
CNNVD
added 2025/12/09 12:0 a.m.2 views

WordPress plugin WooCommerce PDF Invoices & Packing Slips 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.6AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-49963

Name of the Vulnerable Software and Affected Versions WooCommerce PDF Invoices & Packing Slips versions through 4.9.1 Description The software contains a flaw related to incorrectly configured access control security levels, allowing unauthorized access. The issue impacts the WooCommerce PDF...

4.3CVSS6.5AI score0.002EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/07 4:0 a.m.4 views

WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 4.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 4.9.1...

4.3CVSS7AI score0.002EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/02/04 12:0 a.m.4 views

PDF Invoices & Packing Slips for WooCommerce 信息泄露漏洞

PDF Invoices & Packing Slips for WooCommerce is a WP Overnight open source tool for creating, printing, and automatically sending PDF invoices for WooCommerce orders. An information disclosure vulnerability exists in PDF Invoices & Packing Slips for WooCommerce versions prior to 4.0.0, which stem...

6.5CVSS5.9AI score0.00434EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.5 views

WordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions = 4.7.1...

5.9CVSS5.8AI score0.00347EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/23 4:32 a.m.11 views

CVE-2024-11361 PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting

The PDF Invoices & Packing Slips Generator for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers t...

6.1CVSS6.4AI score0.00421EPSS
Exploits0References4
CVE
CVE
added 2024/11/23 4:32 a.m.55 views

CVE-2024-11361

CVE-2024-11361 affects the WordPress plugin “PDF Invoices & Packing Slips Generator for WooCommerce”. All versions up to and including 2.2.1 are susceptible to a Reflected Cross-Site Scripting vulnerability caused by insufficient escaping when using add_query_arg in the URL. This enables unauthen...

6.1CVSS6AI score0.00421EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/23 12:0 a.m.5 views

WordPress plugin PDF Invoices & Packing Slips Generator for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress plugin PDF Invoices &...

6.1CVSS7.4AI score0.00421EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/11/22 9:33 p.m.5 views

WordPress PDF Invoices & Packing Slips Generator for WooCommerce plugin <= 2.2.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PDF Invoices & Packing Slips Generator for WooCommerce versions = 2.2.1...

6.1CVSS6.3AI score0.00421EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.5 views

PT-2024-16935 · WordPress · Pdf Invoices & Packing Slips Generator For Woocommerce

Name of the Vulnerable Software and Affected Versions: PDF Invoices & Packing Slips Generator for WooCommerce plugin for WordPress versions up to, and including, 2.2.1 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site...

6.1CVSS9.5AI score0.00421EPSS
Exploits0References7
NVD
NVD
added 2024/10/29 10:15 p.m.20 views

CVE-2024-50421

Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through = 3.8.6...

5.3CVSS0.00398EPSS
Exploits0References1
CVE
CVE
added 2024/10/29 9:34 p.m.52 views

CVE-2024-50421

CVE-2024-50421 concerns the WordPress plugin WooCommerce PDF Invoices & Packing Slips (versions

5.3CVSS5.9AI score0.00398EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.4 views

PT-2024-34195 · Wp Overnight · Woocommerce Pdf Invoices & Packing Slips

Name of the Vulnerable Software and Affected Versions: WooCommerce PDF Invoices & Packing Slips versions 3.8.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips, which allows exploiting incorrectly...

5.3CVSS6.8AI score0.00398EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.3 views

WordPress plugin WooCommerce PDF Invoices & Packing Slips 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

5.3CVSS6.5AI score0.00398EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/24 8:39 a.m.4 views

WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 3.8.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 3.8.6...

5.3CVSS7AI score0.00398EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.14 views

WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.8.6 is vulnerable to Broken Access Control

Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-50421 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b5246d239102 Credits Rafi...

5.3CVSS6.5AI score0.00398EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/17 9:15 a.m.4 views

CVE-2023-51546

Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1...

7.2CVSS5.8AI score0.00643EPSS
Exploits0References1
OSV
OSV
added 2024/05/02 5:15 p.m.3 views

CVE-2024-3047

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform function. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web...

7.2CVSS5.8AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2024/05/02 5:15 p.m.5 views

CVE-2024-3045

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS5.9AI score0.0057EPSS
Exploits0References3
CVE
CVE
added 2024/05/02 4:51 p.m.59 views

CVE-2024-3047

Technical details (affected product/version, root cause, impact, remediation) are not provided in the Connected documents. Monitor for updates from vendors or official advisories to obtain concrete details and mitigation.

7.2CVSS6.7AI score0.00403EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder