RSS   Vulnerabilities for
'Woocommerce pdf invoices\& packing slips'
   RSS

2022-07-11
 
CVE-2022-2092

CWE-79
 

 
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.

 
2022-01-03
 
CVE-2021-24991

CWE-79
 

 
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard

 


Copyright 2024, cxsecurity.com

 

Back to Top