Woocommerce Pdf Invoices& Packing Slips@* Security Vulnerabilities and Issues — Woocommerce Pdf Invoices& Packing Slips@* CVE List

Lucene search

WpovernightWoocommerce Pdf Invoices& Packing Slips*

10 matches found

CVE•added 2022/08/29 6:15 p.m.•100 views

CVE-2022-2537

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting.

6.1CVSS6.1AI score0.00109EPSS

Web

CVE•added 2022/01/03 1:15 p.m.•54 views

CVE-2021-24991

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard

4.8CVSS5.1AI score0.03364EPSS

Web

CVE•added 2022/07/11 1:15 p.m.•48 views

CVE-2022-2092

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.

6.1CVSS6AI score0.00273EPSS

Web

CVE•added 2025/02/04 7:15 p.m.•48 views

CVE-2025-24373

woocommerce-pdf-invoices-packing-slips is an extension which allows users to create, print & automatically email PDF invoices & packing slips for WooCommerce orders. This vulnerability allows unauthorized users to access any PDF document from a store if they: 1. Have access to a guest document link...

6.5CVSS6.7AI score0.00072EPSS

CVE•added 2024/01/27 12:15 a.m.•47 views

CVE-2024-22147

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5.

7.6CVSS7.5AI score0.00148EPSS

CVE•added 2024/05/02 5:15 p.m.•44 views

CVE-2024-3047

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform() function. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web appl...

7.2CVSS6.7AI score0.00334EPSS

CVE•added 2024/05/02 5:15 p.m.•42 views

CVE-2024-3045

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

7.2CVSS6AI score0.01681EPSS

CVE•added 2019/08/12 3:15 p.m.•40 views

CVE-2017-18506

The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens.

6.1CVSS6AI score0.00487EPSS

CVE•added 2024/10/29 10:15 p.m.•37 views

CVE-2024-50421

Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoices & Packing Slips: from n/a through 3.8.6.

5.3CVSS5.7AI score0.00096EPSS

CVE•added 2023/03/01 3:15 p.m.•33 views

CVE-2022-47148

Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin

4.3CVSS4.7AI score0.00067EPSS