Show filters
285 Total Results
Displaying 41-50 of 285
Sort by:
Attacker Value
Unknown

CVE-2023-51546

Disclosure Date: May 17, 2024 (last updated February 12, 2025)
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1.
Attacker Value
Unknown

CVE-2023-40720

Disclosure Date: May 14, 2024 (last updated May 24, 2024)
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.
Attacker Value
Unknown

CVE-2024-4747

Disclosure Date: May 14, 2024 (last updated May 15, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Propovoice Propovoice CRM allows Stored XSS.This issue affects Propovoice CRM: from n/a through 1.7.6.2.
0
Attacker Value
Unknown

CVE-2024-4233

Disclosure Date: May 08, 2024 (last updated May 09, 2024)
Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce, Tyche Softwares Arconix Shortcodes, Tyche Softwares Arconix FAQ.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.8.1; Arconix Shortcodes: from n/a through 2.1.10; Arconix FAQ: from n/a through 1.9.3.
0
Attacker Value
Unknown

CVE-2024-3047

Disclosure Date: May 02, 2024 (last updated February 12, 2025)
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform() function. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
0
Attacker Value
Unknown

CVE-2024-3045

Disclosure Date: May 02, 2024 (last updated February 12, 2025)
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Attacker Value
Unknown

CVE-2024-32518

Disclosure Date: April 17, 2024 (last updated April 17, 2024)
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0.
0
Attacker Value
Unknown

CVE-2024-3216

Disclosure Date: April 06, 2024 (last updated February 12, 2025)
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wt_pklist_reset_settings() function in all versions up to, and including, 4.4.2. This makes it possible for unauthenticated attackers to reset all of the plugin's settings.
0
Attacker Value
Unknown

CVE-2024-30230

Disclosure Date: March 28, 2024 (last updated January 05, 2025)
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7.
0
Attacker Value
Unknown

CVE-2024-22288

Disclosure Date: March 27, 2024 (last updated February 11, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.4.0.