PDF Invoices & Packing Slips for WooCommerce

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   PDF Invoices & Packing Slips for WooCommerce

Information

Software Type Plugin
Software Slug woocommerce-pdf-invoices-packing-slips (view on wordpress.org)
Software Status Active
Software Author wpovernight
Software Website wpovernight.com
Software Downloads 15,285,041
Software Active Installs 300,000
Software Record Last Updated May 19, 2024

9 Vulnerabilities

PDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Server-Side Request Forgery
7.2
CVE-2024-3047
Apr 24, 2024
Researcher: Tim Coen
PDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting
7.2
CVE-2024-3045
Apr 24, 2024
Researcher: Tim Coen
PDF Invoices & Packing Slips for WooCommerce <= 3.7.6 - Authenticated (Shop Manager+) SQL Injection
7.2
CVE-2024-22147
Jan 12, 2024
Researcher: beluga
WooCommerce PDF Invoices & Packing Slips 2.14.0 - 3.0.0 - Reflected Cross-Site Scripting
6.1
CVE-2022-2537
Aug 3, 2022
Researcher: Krzysztof Zając
WooCommerce PDF Invoices & Packing Slips <= 2.14.5 - Cross-Site Scripting
6.1
CVE ID Unknown
Jun 7, 2022
Researchers:
WooCommerce PDF Invoices & Packing Slips <= 2.0.12 - Cross-Site Scripting
6.1
CVE-2017-18506
Oct 2, 2017
Researcher: Detectify
WooCommerce PDF Invoices & Packing Slips <= 2.15.0 - Reflected Cross-Site Scripting
5.4
CVE-2022-2092
Jun 16, 2022
Researcher: ZhongFu Su
WooCommerce PDF Invoices & Packing Slips <= 2.10.4 - Reflected Cross-Site Scripting via tab and section parameter
4.8
CVE-2021-24991
Dec 6, 2021
Researcher: Krzysztof Zając
WooCommerce PDF Invoices & Packing Slips <= 3.2.5 - Cross Site Request Forgery
4.3
CVE-2022-47148
Jan 27, 2023
Researcher: Muhammad Daffa
Title Status CVE ID CVSS Researchers Date
PDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Server-Side Request Forgery Patched CVE-2024-3047 7.2 Tim Coen April 24, 2024
PDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting Patched CVE-2024-3045 7.2 Tim Coen April 24, 2024
PDF Invoices & Packing Slips for WooCommerce <= 3.7.6 - Authenticated (Shop Manager+) SQL Injection Patched CVE-2024-22147 7.2 beluga January 12, 2024
WooCommerce PDF Invoices & Packing Slips 2.14.0 - 3.0.0 - Reflected Cross-Site Scripting Patched CVE-2022-2537 6.1 Krzysztof Zając August 3, 2022
WooCommerce PDF Invoices & Packing Slips <= 2.14.5 - Cross-Site Scripting Patched 6.1 June 7, 2022
WooCommerce PDF Invoices & Packing Slips <= 2.0.12 - Cross-Site Scripting Patched CVE-2017-18506 6.1 Detectify October 2, 2017
WooCommerce PDF Invoices & Packing Slips <= 2.15.0 - Reflected Cross-Site Scripting Patched CVE-2022-2092 5.4 ZhongFu Su June 16, 2022
WooCommerce PDF Invoices & Packing Slips <= 2.10.4 - Reflected Cross-Site Scripting via tab and section parameter Patched CVE-2021-24991 4.8 Krzysztof Zając December 6, 2021
WooCommerce PDF Invoices & Packing Slips <= 3.2.5 - Cross Site Request Forgery Patched CVE-2022-47148 4.3 Muhammad Daffa January 27, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation