Vulnerabilities > Wpovernight

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-23	CVE-2024-9927	Improper Authentication vulnerability in Wpovernight Woocommerce Order Proposal The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via order proposal in all versions up to and including 2.0.5. network low complexity wpovernight CWE-287	7.2
2024-01-27	CVE-2024-22147	SQL Injection vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5. network low complexity wpovernight CWE-89	7.2
2023-06-22	CVE-2023-34170	Cross-site Scripting vulnerability in Wpovernight Download Quick/Bulk Order Form for Woocommerce Auth. network low complexity wpovernight CWE-79	4.8
2023-03-01	CVE-2022-47148	Cross-Site Request Forgery (CSRF) vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss. network low complexity wpovernight CWE-352	4.3
2022-08-29	CVE-2022-2537	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting. network low complexity wpovernight CWE-79	6.1
2022-07-11	CVE-2022-2092	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. network low complexity wpovernight CWE-79	6.1
2022-01-03	CVE-2021-24991	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard network low complexity wpovernight CWE-79	4.8
2019-08-12	CVE-2017-18506	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. network low complexity wpovernight CWE-79	6.1

Vulnerabilities > Wpovernight {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpovernight"}]}

Vulnerabilities > Wpovernight