Lucene search
+L

21 matches found

Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.9 views

PT-2025-46803

Name of the Vulnerable Software and Affected Versions WooCommerce PDF Invoice Builder versions through 1.2.150 Description The software contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue impacts the WooCommerce PDF...

6.6AI score0.00189EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-56199

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/29 2:26 p.m.16 views

CVE-2025-53203

Cross-Site Request Forgery CSRF vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Cross Site Request Forgery.This issue affects WooCommerce PDF Invoice Builder: from n/a through = 1.2.148...

4.3CVSS5.9AI score0.0014EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.13 views

PT-2025-27157 · Edgarrojas · Woocommerce Pdf Invoice Builder

Name of the Vulnerable Software and Affected Versions: EDGARROJAS WooCommerce PDF Invoice Builder versions 1.2.148 and earlier Description: A Cross-Site Request Forgery CSRF issue allows unauthorized actions to be performed. This can lead to Cross Site Request Forgery. Recommendations: For versio...

4.3CVSS7AI score0.0014EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.10 views

CVE-2023-46076

Unauth. Reflected Cross-Site Scripting XSS vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin = 1.2.102 versions...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2024/03/16 2:15 a.m.12 views

CVE-2023-51486

Cross-Site Request Forgery CSRF vulnerability in RedNao WooCommerce PDF Invoice Builder.This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101...

8.8CVSS5.5AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/16 1:5 a.m.25 views

CVE-2023-51486 WordPress WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.101 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in RedNao WooCommerce PDF Invoice Builder.This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101...

5.4CVSS5.8AI score0.00221EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.9 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.101 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.101 Fixed in 1.2.102 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51486 Patch priority Low CVSS severity Low 5.4 Developer Edgar Rojas PSID 0520b4dedf5c Credits...

8.8CVSS6.6AI score0.00221EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/10/26 1:15 p.m.20 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in RedNao WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin = 1.2.102 versions...

5.8CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/26 12:0 a.m.7 views

PT-2023-29828 · WordPress · Rednao Woocommerce Pdf Invoice Builder

Name of the Vulnerable Software and Affected Versions: RedNao WooCommerce PDF Invoice Builder plugin versions 1.2.102 and earlier Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into the website,...

7.1CVSS6.3AI score0.00331EPSS
Exploits0References6
Patchstack
Patchstack
added 2023/10/16 12:0 a.m.10 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.103 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.103 Fixed in 1.2.104 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46076 Patch priority High CVSS severity High 7.1 Developer Edgar Rojas PSID e196625e8b7e Credits LEE S...

7.1CVSS5.6AI score0.00331EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/31 6:15 a.m.24 views

Cross site request forgery (csrf)

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90. This makes it possible for unauthenticated attackers to create invoice fields provided they can tric...

4.3CVSS4.7AI score0.00263EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/08/31 5:33 a.m.27 views

CVE-2023-4160 WooCommerce PDF Invoice Builder <= 1.2.90 - Authenticated (Administrator+) Cross-Site Scripting

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.90 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...

4.4CVSS4.9AI score0.00412EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/08/31 5:33 a.m.23 views

CVE-2023-3677 WooCommerce PDF Invoice Builder <= 1.2.89 - Authenticated (Subscriber+) SQL Injection via Export

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

8.8CVSS9AI score0.00619EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.7 views

WordPress plugin WooCommerce PDF Invoice Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress plugin WooCommerce PDF...

4.3CVSS6.2AI score0.00245EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/08/31 12:0 a.m.9 views

WordPress plugin WooCommerce PDF Invoice Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress plugin WooCommerce PDF...

4.3CVSS6.2AI score0.00263EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.14 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.91 is vulnerable to Broken Access Control

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.91 Fixed in 1.2.92 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4245 Patch priority Low CVSS severity Low 4.3 Developer Edgar Rojas PSID f1eb4f613ca1 Credits Marco Wotschka...

4.3CVSS6.6AI score0.00432EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/08/21 12:0 a.m.13 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.90 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.90 Fixed in 1.2.91 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4160 Patch priority Low CVSS severity Low 5.9 Developer Edgar Rojas PSID 27b991f0b0a1 Credits Marco...

4.8CVSS5.8AI score0.00412EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/08/16 12:0 a.m.13 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.90 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.90 Fixed in 1.2.91 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4161 Patch priority Low CVSS severity Low 4.3 Developer Edgar Rojas PSID 9cbed5bb67a7 Credits Marco...

4.3CVSS6.6AI score0.00263EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/08/14 12:0 a.m.14 views

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.90 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.90 Fixed in 1.2.91 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3764 Patch priority Low CVSS severity Low 4.3 Developer Edgar Rojas PSID 32ad6bbe40fc Credits Marco...

4.3CVSS6.6AI score0.00245EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder