117 matches found
CVE-2024-3047
Technical details (affected product/version, root cause, impact, remediation) are not provided in the Connected documents. Monitor for updates from vendors or official advisories to obtain concrete details and mitigation.
WordPress plugin PDF Invoices & Packing Slips for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plug-in. A security vulnerability exists i...
WordPress plugin PDF Invoices & Packing Slips for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plug-in. WordPress plugin PDF Invoices &...
WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 3.8.0...
WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.8.0 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3045 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d235421a1171...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.4.2 - Missing Authorization to Unauthenticated Settings Reset vulnerability
Missing Authorization to Unauthenticated Settings Reset vulnerability discovered by Krzysztof Zając in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions = 4.4.2...
CVE-2024-3216 WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.2 - Missing Authorization to Unauthenticated Settings Reset
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wtpklistresetsettings function in all versions up to, and including, 4.4.2. This makes it possible for...
CVE-2024-30230
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7...
CVE-2024-30230
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7...
CVE-2024-30230 WordPress PDF Invoices and Packing Slips For WooCommerce plugin <= 1.3.7 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7...
WordPress Plugin PDF Invoices and Packing Slips For WooCommerce 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress Plugin PDF Invoices and...
CVE-2024-22288
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping...
WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress Plugin WooCommerce PDF...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin <= 4.4.0 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Type Plugin Vulnerable versions = 4.4.0 Fixed in 4.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-22288 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownershi...
CVE-2024-0957
CVE-2024-0957 affects the WordPress plugin “WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels” up to version 4.4.1. It is a stored cross‑site scripting vulnerability in the Customer Notes field caused by insufficient input sanitization and output escaping, allowing unaut...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Type Plugin Vulnerable versions = 4.4.1 Fixed in 4.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0957 Patch priority Medium CVSS severity Medium 7.1 Developer...
Deserialization of untrusted data
The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.7 via deserialization of untrusted input via the orderid parameter. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-1773 PDF Invoices and Packing Slips For WooCommerce <= 1.3.7 - Authenticated (Subscriber+) PHP Object Injection
The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.7 via deserialization of untrusted input via the orderid parameter. This makes it possible for authenticated attackers, with subscriber-level...
WordPress plugin PDF Invoices and Packing Slips For WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. WordPress plugin PDF Invoices and...
CVE-2024-22147
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5...