CVE-2026-1906
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.0 via the wpoipsedisaveordercustomerpeppolidentifiers AJAX action due to missing capability checks and order ownership validation. This...