VYPR

PDF Invoices and Packing Slips For WooCommerce

by WordPress

CVEs (4)

  • CVE-2024-1773HigMar 7, 2024
    risk 0.57cvss 8.8epss 0.01

    The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.7 via deserialization of untrusted input via the order_id parameter. This makes it possible for authenticated attackers, with…

  • CVE-2024-30230HigMar 28, 2024
    risk 0.53cvss 8.2epss 0.01

    Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7.

  • CVE-2024-3047HigMay 2, 2024
    risk 0.40cvss 7.2epss 0.00

    The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform() function. This can allow unauthenticated attackers to make web requests to arbitrary locations…

  • CVE-2024-3045HigMay 2, 2024
    risk 0.40cvss 7.2epss 0.01

    The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for…