Sliced Invoices

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2019-25746	WordPress Sliced Invoices	Hig	0.46	7.1	—	Jun 15, 2026	WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with…
CVE-2025-31628	WordPress Sliced Invoices	Med	0.34	5.3	0.00	Apr 1, 2025	Missing Authorization vulnerability in SlicedInvoices Sliced Invoices sliced-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliced Invoices: from n/a through <= 3.10.0.
CVE-2024-30517	WordPress Sliced Invoices		0.00	—	0.00	Jun 9, 2024	Missing Authorization vulnerability in Sliced Invoices.This issue affects Sliced Invoices: from n/a through 3.9.2.
CVE-2020-20625	WordPress Sliced Invoices		0.00	—	0.01	Aug 31, 2020	Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php.

CVE-2019-25746HigJun 15, 2026
WordPress
Sliced Invoices
risk 0.46cvss 7.1epss —
WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with…
CVE-2025-31628MedApr 1, 2025
WordPress
Sliced Invoices
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in SlicedInvoices Sliced Invoices sliced-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sliced Invoices: from n/a through <= 3.10.0.
CVE-2024-30517Jun 9, 2024
WordPress
Sliced Invoices
risk 0.00cvss —epss 0.00
Missing Authorization vulnerability in Sliced Invoices.This issue affects Sliced Invoices: from n/a through 3.9.2.
CVE-2020-20625Aug 31, 2020
WordPress
Sliced Invoices
risk 0.00cvss —epss 0.01
Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php.