105 matches found
WordPress PeproDev Ultimate Invoice plugin < 2.2.6 - Unauthenticated Invoice Archive Download vulnerability
Unauthenticated Invoice Archive Download vulnerability discovered by Ashkan Moghaddas in WordPress Plugin PeproDev Ultimate Invoice versions 2.2.6...
CVE-2026-2343
The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII...
CVE-2026-2343
The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII...
CVE-2026-2343 PeproDev Ultimate Invoice <= 2.2.5 - Unauthenticated Invoice Archive Download
The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII...
CVE-2026-2343
The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII...
CVE-2026-2343
The CVE-2026-2343 entry concerns the PeproDev Ultimate Invoice WordPress plugin (up to version 2.2.5). Affected component: bulk download invoices action that creates ZIP archives containing exported invoice PDFs. Root cause: ZIPs are named predictably, enabling brute force access to PII stored in...
CVE-2026-2343 PeproDev Ultimate Invoice <= 2.2.5 - Unauthenticated Invoice Archive Download
The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII...
WordPress plugin PeproDev Ultimate Invoice 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-27640
Name of the Vulnerable Software and Affected Versions PeproDev Ultimate Invoice WordPress plugin versions through 2.2.5 Description The plugin allows for the bulk download of invoices, generating ZIP archives containing exported invoice PDFs. The ZIP file names are predictable, potentially allowi...
WordPress PeproDev WooCommerce Receipt Uploader plugin <= 2.6.9 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PeproDev WooCommerce Receipt Uploader versions = 2.6.9...
EUVD-2024-49446
Malicious code in bioql PyPI...
EUVD-2024-43363
Malicious code in bioql PyPI...
EUVD-2023-46355
Malicious code in bioql PyPI...
EUVD-2024-23235
Malicious code in bioql PyPI...
EUVD-2025-14748
Malicious code in bioql PyPI...
EUVD-2024-30320
Malicious code in bioql PyPI...
EUVD-2023-46354
Malicious code in bioql PyPI...
EUVD-2025-13665
Malicious code in bioql PyPI...
EUVD-2025-3782
Malicious code in bioql PyPI...
CVE-2024-25933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7...