Really Simple Security logo

Log out
Get PRO

Latest

Output validation vulnerability in PDF Invoices for WooCommerce + Drag and Drop Template Builder 6.3.2

  • Severity: high-risk
  • Status: Fixed
  • Publication: August 23, 2025

A popular plugin for WordPress called “PDF Invoices for WooCommerce + Drag and Drop Template Builder” has a security vulnerability that could allow hackers to inject harmful code into the website. This could only happen if the attacker has a certain level of access to the site and if there is another plugin or theme with a similar vulnerability installed. In that case, the attacker could potentially delete files, access sensitive information, or even run malicious code on the website.

Detected in:

PDF for WooCommerce + Drag and Drop Template Builder fixed vulnerable versions:
PDF Invoice for WooCommerce + Drag and Drop Template Builder fixed vulnerable versions:
PDF Invoices for WooCommerce + Drag and Drop Template Builder fixed vulnerable versions: >= * <= 6.5.0

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.