117 matches found
WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce PDF Invoices & Packing Slips Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47148 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 00a0d1fb8074...
WordPress WooCommerce PDF Invoices & Packing Slips Plugin < 2.16.0 XSS Vulnerability
The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress WooCommerce PDF Invoices & Packing Slips Plugin < 2.10.5 XSS Vulnerability
The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
WordPress WooCommerce PDF Invoices & Packing Slips Plugin 2.14.x < 3.0.1 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpovernight:woocommercepdfinvoices%26packingslips";...
CVE-2022-2537
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting...
CVE-2022-2537
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting...
CVE-2022-2537 WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting...
CVE-2022-2537
The CVE-2022-2537 issue affects the WordPress plugin WooCommerce PDF Invoices & Packing Slips prior to version 3.0.1. The vulnerability is Reflected Cross-Site Scripting (XSS) caused by not sanitising and escaping certain parameters before outputting them back into an admin page attribute. Affect...
WordPress plugin WooCommerce PDF Invoices & Packing Slips 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL server set up a personal blog site. WordPress plugin is an application plug-in. A cross-site scripting vulnerability...
WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting. This is a re-introduction of CVE-2021-24991 in 2.14.0 PoC...
WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting. This is a re-introduction of CVE-2021-24991 in 2.14.0...
WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 3.0.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress WooCommerce PDF Invoices & Packing Slips plugin versions = 3.0.0. Solution Update the WordPress WooCommerce PDF Invoices & Packing Slips plugin to the latest available version at least 3.0.1...
CVE-2022-2092
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks...
CVE-2022-2092 WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks...
CVE-2022-2092
CVE-2022-2092 affects the WooCommerce PDF Invoices & Packing Slips WordPress plugin prior to 2.16.0. The setting page fails to escape a user-supplied parameter, enabling reflected cross-site scripting attacks. Affected product is the WordPress plugin; root cause is lack of proper input escaping o...
WordPress plugin WooCommerce PDF Invoices & Packing Slips 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WooCommerce PDF Invoices...
WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting
The plugin doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. PoC https://example.com/wp-admin/admin.php?page=wpowcpdfoptionspage=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22...
WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 2.15.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by ZhongFu Su aka JrXnm WuHan University in WordPress WooCommerce PDF Invoices & Packing Slips plugin versions = 2.15.0. Solution Update the WordPress WooCommerce PDF Invoices & Packing Slips plugin to the latest available version at lea...
WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting
The plugin doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. https://example.com/wp-admin/admin.php?page=wpowcpdfoptionspage&preview=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22...
WooCommerce PDF Invoices & Packing Slips < 2.15.0 - Reflected Cross-Site Scripting
The plugin does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wpowcpdfoptionspage&tab=documents§ion=invoice&"alert/XSS/...