Vulnerabilities (CVE)

Filtered by vendor Wpovernight Subscribe
Filtered by product Woocommerce Pdf Invoices\& Packing Slips
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-22147 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 N/A 7.6 HIGH
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5.
CVE-2022-47148 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss.
CVE-2022-2537 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 N/A 6.1 MEDIUM
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting.
CVE-2022-2092 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.
CVE-2021-24991 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 3.5 LOW 4.8 MEDIUM
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard
CVE-2017-18506 1 Wpovernight 1 Woocommerce Pdf Invoices\& Packing Slips 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens.