VYPR

Easy Invoice

by WordPress

Source repositories

CVEs (3)

  • CVE-2026-48836CriJun 15, 2026
    risk 0.65cvss 10.0epss 0.01

    Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.

  • CVE-2025-6324HigDec 18, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MatrixAddons Easy Invoice easy-invoice allows DOM-Based XSS.This issue affects Easy Invoice: from n/a through <= 2.0.9.

  • CVE-2025-66115MedNov 21, 2025
    risk 0.43cvss 6.6epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in MatrixAddons Easy Invoice easy-invoice allows PHP Local File Inclusion.This issue affects Easy Invoice: from n/a through <= 2.1.4.