Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in QR Code Tag for WC order emails, POS receipt emails, PDF invoices, PDF packing slips, Blog posts, Custom post types and Pages (from goaskle.com) 1.9.36

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 4, 2025

A popular plugin for WordPress called “QR Code Tag” has a security issue that could potentially be exploited by hackers. This vulnerability affects all versions up to 1.9.36. Essentially, the plugin does not properly check for a security code before allowing certain actions to be performed. This means that if a hacker can trick a site administrator into clicking on a link, they could potentially gain unauthorized access to the website.

Detected in:

QR Code for WooCommerce order emails, POS receipt emails, PDF invoices, PDF packing slips, Blog posts, CPT and Pages (from goaskle.com) fixed vulnerable versions:
QR Code Tag for WC order emails, POS receipt emails, PDF invoices, PDF packing slips, Blog posts, Custom post types and Pages (from goaskle.com) fixed vulnerable versions: >= * <= 1.9.36

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.