Vulnerabilities > Wpovernight
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-27 | CVE-2024-22147 | SQL Injection vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5. | 7.2 |
| 2023-06-22 | CVE-2023-34170 | Cross-site Scripting vulnerability in Wpovernight Download Quick/Bulk Order Form for Woocommerce Auth. | 4.8 |
| 2023-03-01 | CVE-2022-47148 | Cross-Site Request Forgery (CSRF) vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss. | 4.3 |
| 2022-07-11 | CVE-2022-2092 | Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. | 4.3 |
| 2022-01-03 | CVE-2021-24991 | Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard | 3.5 |
| 2019-08-12 | CVE-2017-18506 | Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. | 4.3 |