Vulnerabilities > Rednao > Woocommerce PDF Invoice Builder > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2023-46076 Cross-site Scripting vulnerability in Rednao Woocommerce PDF Invoice Builder
Unauth.
network
low complexity
rednao CWE-79
6.1
6.1
2023-08-31 CVE-2023-3764 Unspecified vulnerability in Rednao Woocommerce PDF Invoice Builder
The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.90.
network
low complexity
rednao
4.3
4.3
2023-08-31 CVE-2023-4160 Unspecified vulnerability in Rednao Woocommerce PDF Invoice Builder
The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.90 due to insufficient input sanitization and output escaping.
network
low complexity
rednao
4.8
4.8
2023-08-31 CVE-2023-4161 Unspecified vulnerability in Rednao Woocommerce PDF Invoice Builder
The WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90.
network
low complexity
rednao
4.3
4.3
2023-08-31 CVE-2023-4245 Unspecified vulnerability in Rednao Woocommerce PDF Invoice Builder
The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89.
network
low complexity
rednao
4.3
4.3