Lucene search
K

117 matches found

CNNVD
CNNVD
added 2024/01/27 12:0 a.m.3 views

WordPress plugin PDF Invoices & Packing Slips for WooCommerce SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is an application plugin. WordPress plugin PDF Invoices &...

7.6CVSS7.2AI score0.0058EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/26 11:15 p.m.27 views

CVE-2024-22147 WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.7.5 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5...

7.6CVSS8.1AI score0.0058EPSS
Exploits0References1
CVE
CVE
added 2024/01/26 11:15 p.m.70 views

CVE-2024-22147

CVE-2024-22147 pertains to the WordPress WooCommerce plugin “PDF Invoices & Packing Slips” (versions

7.6CVSS7.8AI score0.0058EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/26 11:15 p.m.11 views

CVE-2024-22147 WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.7.5 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5...

7.6CVSS7.6AI score0.0058EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/01/15 12:0 a.m.13 views

WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.7.5 is vulnerable to SQL Injection

Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.7.5 Fixed in 3.7.6 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-22147 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 690e011aa8bf Credits Yudistira Arya Required...

7.6CVSS6.8AI score0.0058EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/01/03 8:29 a.m.46 views

CVE-2023-7068

CVE-2023-7068 affects the WordPress plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels up to version 4.3.0. Root cause: missing capability check on the print_packinglist action, enabling authenticated users with subscriber-level access and above to export orders co...

6.5CVSS6.3AI score0.00387EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/01/03 12:0 a.m.16 views

WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin <= 4.3.0 is vulnerable to Broken Access Control

Software WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-7068 Patch priority Low CVSS severity Low 4.3 Developer Claim...

6.5CVSS6.6AI score0.00387EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.7 views

WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS6.8AI score0.00387EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.20 views

WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin <= 4.2.1 is vulnerable to Privilege Escalation

Software WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.3.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-51546 Patch priority Medium CVSS severity Medium...

7.2CVSS6.5AI score0.00643EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/26 12:5 p.m.21 views

CVE-2023-46076 WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin = 1.2.102 versions...

7.1CVSS6.4AI score0.00331EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/26 12:0 a.m.3 views

WordPress Plugin WooCommerce PDF Invoice Builder, Create invoices, packing slips and more Cross-site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress Plugin WooCommerce PDF...

7.1CVSS6.1AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2023/09/30 10:15 p.m.5 views

CVE-2023-43721

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "PACKINGSLIPSSUMMARYTITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

5.4CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/30 12:0 a.m.4 views

PT-2023-28941 · Unknown · Oscommerce

Name of the Vulnerable Software and Affected Versions: Os Commerce affected versions not specified Description: The issue is a Cross-Site Scripting XSS vulnerability that allows attackers to inject JavaScript through the PACKING SLIPS SUMMARY TITLE1 parameter. This could potentially lead to...

5.4CVSS5.2AI score0.00431EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2023/09/13 12:0 a.m.17 views

WooCommerce PDF Invoices & Packing Slips Plugin for WordPress < 2.10.5 Reflected Cross-Site Scripting

The WordPress WooCommerce PDF Invoices & Packing Slips Plugin installed on the remote host does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting rXSS vulnerability in the admin dashboard. Note that the scanner has not...

4.8CVSS6.8AI score0.01188EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/07/28 12:0 a.m.11 views

WordPress WooCommerce PDF Invoices & Packing Slips Plugin < 3.2.6 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpovernight:woocommercepdfinvoices%26packingslips";...

4.3CVSS4.7AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2023/03/01 3:15 p.m.4 views

CVE-2022-47148

Cross-Site Request Forgery CSRF vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin = 3.2.5 leading to popup dismiss...

4.3CVSS5.8AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2023/03/01 3:15 p.m.28 views

CVE-2022-47148

Cross-Site Request Forgery CSRF vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin = 3.2.5 leading to popup dismiss...

4.3CVSS4.7AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2023/03/01 2:25 p.m.42 views

CVE-2022-47148

The CVE-2022-47148 describes a CSRF vulnerability in the WordPress plugin WP Overnight PDF Invoices & Packing Slips for WooCommerce , affected versions being ≤ 3.2.5. The issue allows a CSRF attack that can result in a popup dismissal, with exploitation possible by an unauthenticated user and use...

4.3CVSS4.7AI score0.00231EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/01 12:0 a.m.5 views

PT-2023-15194 · WordPress · Wp Overnight Pdf Invoices & Packing Slips

Name of the Vulnerable Software and Affected Versions: WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin version 3.2.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which can lead to a popup dismiss. This type of vulnerability allows an...

4.3CVSS4.4AI score0.00231EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.4 views

WordPress plugin PDF Invoices & Packing Slips for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. A security vulnerability exists in th...

4.3CVSS5AI score0.00231EPSS
Exploits0References2
Rows per page
Query Builder