117 matches found
WordPress plugin WooCommerce PDF Invoices & Packing Slips 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-49963
Name of the Vulnerable Software and Affected Versions WooCommerce PDF Invoices & Packing Slips versions through 4.9.1 Description The software contains a flaw related to incorrectly configured access control security levels, allowing unauthorized access. The issue impacts the WooCommerce PDF...
WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 4.9.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 4.9.1...
PDF Invoices & Packing Slips for WooCommerce 信息泄露漏洞
PDF Invoices & Packing Slips for WooCommerce is a WP Overnight open source tool for creating, printing, and automatically sending PDF invoices for WooCommerce orders. An information disclosure vulnerability exists in PDF Invoices & Packing Slips for WooCommerce versions prior to 4.0.0, which stem...
WordPress WooCommerce PDF Invoices plugin <= 4.7.1 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions = 4.7.1...
CVE-2024-11361 PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting
The PDF Invoices & Packing Slips Generator for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers t...
CVE-2024-11361
CVE-2024-11361 affects the WordPress plugin “PDF Invoices & Packing Slips Generator for WooCommerce”. All versions up to and including 2.2.1 are susceptible to a Reflected Cross-Site Scripting vulnerability caused by insufficient escaping when using add_query_arg in the URL. This enables unauthen...
WordPress plugin PDF Invoices & Packing Slips Generator for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress plugin PDF Invoices &...
WordPress PDF Invoices & Packing Slips Generator for WooCommerce plugin <= 2.2.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PDF Invoices & Packing Slips Generator for WooCommerce versions = 2.2.1...
PT-2024-16935 · WordPress · Pdf Invoices & Packing Slips Generator For Woocommerce
Name of the Vulnerable Software and Affected Versions: PDF Invoices & Packing Slips Generator for WooCommerce plugin for WordPress versions up to, and including, 2.2.1 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site...
CVE-2024-50421
Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips woocommerce-pdf-invoices-packing-slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through = 3.8.6...
CVE-2024-50421
CVE-2024-50421 concerns the WordPress plugin WooCommerce PDF Invoices & Packing Slips (versions
PT-2024-34195 · Wp Overnight · Woocommerce Pdf Invoices & Packing Slips
Name of the Vulnerable Software and Affected Versions: WooCommerce PDF Invoices & Packing Slips versions 3.8.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips, which allows exploiting incorrectly...
WordPress plugin WooCommerce PDF Invoices & Packing Slips 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 3.8.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 3.8.6...
WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.8.6 is vulnerable to Broken Access Control
Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-50421 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b5246d239102 Credits Rafi...
CVE-2023-51546
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1...
CVE-2024-3047
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform function. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web...
CVE-2024-3045
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2024-3047
Technical details (affected product/version, root cause, impact, remediation) are not provided in the Connected documents. Monitor for updates from vendors or official advisories to obtain concrete details and mitigation.