Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invoices vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22147
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a up to and including 3.7.5.
Wpovernight Woocommerce Pdf Invoices& Packing Slips
312
VMScore
CVE-2021-24787
The Client Invoicing by Sprout Invoices WordPress plugin prior to 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Webventures Client Invoicing By Sprout Invoices
383
VMScore
CVE-2022-2092
The WooCommerce PDF Invoices & Packing Slips WordPress plugin prior to 2.16.0 doesn't escape a parameter on its setting page, making it possible for malicious users to conduct reflected cross-site scripting attacks.
Wpovernight Woocommerce Pdf Invoices& Packing Slips
NA
CVE-2022-47148
Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss.
Wpovernight Woocommerce Pdf Invoices& Packing Slips
312
VMScore
CVE-2021-24991
The WooCommerce PDF Invoices & Packing Slips WordPress plugin prior to 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard
Wpovernight Woocommerce Pdf Invoices& Packing Slips
383
VMScore
CVE-2015-9516
The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Sandhillsdev Easy Digital Downloads
Easydigitaldownloads Invoices -
NA
CVE-2022-2537
The WooCommerce PDF Invoices & Packing Slips WordPress plugin prior to 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting.
Wpovernight Woocommerce Pdf Invoices& Packing Slips
383
VMScore
CVE-2015-9518
The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Sandhillsdev Easy Digital Downloads
Easydigitaldownloads Pdf Invoices -
NA
CVE-2023-7068
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprint_packinglist action in all versions up to, and including, 4.3.0. This makes it possible f...
Webtoffee Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
435
VMScore
CVE-2010-1486
Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in CactuShop prior to 6.155 allow remote malicious users to inject arbitrary web script or HTML via the (1) billing address or (2) shipping address.
Cactushop Cactushop 3
Cactushop Cactushop 4.6
Cactushop Cactushop 4.5
Cactushop Cactushop 5.1
Cactushop Cactushop 5.0
Cactushop Cactushop 4.1
Cactushop Cactushop 4
Cactushop Cactushop
Cactushop Cactushop 4.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »