Vulnerabilities > Wpovernight > Woocommerce PDF Invoices Packing Slips > 2.8.3

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-04	CVE-2025-24373	Unspecified vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips woocommerce-pdf-invoices-packing-slips is an extension which allows users to create, print & automatically email PDF invoices & packing slips for WooCommerce orders. network low complexity wpovernight	6.5
2024-05-02	CVE-2024-3045	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. network low complexity wpovernight CWE-79	6.1
2024-01-27	CVE-2024-22147	Unspecified vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packing Slips for WooCommerce: from n/a through 3.7.5. network low complexity wpovernight	7.2
2023-03-01	CVE-2022-47148	Cross-Site Request Forgery (CSRF) vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips Cross-Site Request Forgery (CSRF) vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce plugin <= 3.2.5 leading to popup dismiss. network low complexity wpovernight CWE-352	4.3
2022-07-11	CVE-2022-2092	Unspecified vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks. network low complexity wpovernight	6.1
2022-01-03	CVE-2021-24991	Cross-site Scripting vulnerability in Wpovernight Woocommerce PDF Invoices& Packing Slips The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard network low complexity wpovernight CWE-79	4.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.