Lucene search
K

6 matches found

Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-9021 Easy Invoice <= 2.1.19 - Unauthenticated Arbitrary Quote Accept/Decline and Invoice Creation via easy_invoice_accept_quote / easy_invoice_decline_quote AJAX Actions

The Easy Invoice plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.19. This is due to the plugin registering the easyinvoiceacceptquote and easyinvoicedeclinequote AJAX actions via wpajaxnopriv hooks and relying solely on a quote-scoped nonce that i...

5.3CVSS0.00297EPSS
Exploits0References10
CVE
CVE
added 6 days ago11 views

CVE-2026-9021

The CVE concerns the WordPress plugin Easy Invoice (WordPress plugin) with vulnerability in versions up to 2.1.19. The root cause is Missing Authorization via AJAX actions easy_invoice_accept_quote and easy_invoice_decline_quote , registered with wp_ajax_nopriv_ hooks and relying on a quote-scope...

5.3CVSS6AI score0.00297EPSS
Exploits0References10
CVE
CVE
added 2026/06/15 8:18 p.m.47 views

CVE-2026-48836

The CVE-2026-48836 entry concerns the WordPress Easy Invoice plugin (versions ≤ 2.1.19) with an unauthenticated Remote Code Execution (RCE) vulnerability. According to connected sources, an RCE exists in Easy Invoice up to 2.1.19; the Patchstack listing notes a critical CVSS 3.1 vector (AV:N/AC:L...

10CVSS5.5AI score0.00572EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/01 1:32 p.m.13 views

WordPress Easy Invoice plugin <= 2.1.19 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by HaiND in WordPress Plugin Easy Invoice versions = 2.1.19...

10CVSS5.8AI score0.00572EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2025/12/18 7:22 a.m.27 views

CVE-2025-6324 WordPress Easy Invoice plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through = 2.0.9...

7.1CVSS0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.8 views

WordPress plugin Easy Invoice 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.6CVSS6.6AI score0.00359EPSS
Exploits0References1
Rows per page
Query Builder