Latest

Access violation vulnerability in WooCommerce PDF Invoice Builder, Create invoices, packing slips and more 1.2.91

CVE-2023-4245

Severity: medium-risk
Status: Fixed
Publication: August 18, 2023

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data. This means that people who subscribe to the service could potentially view invoices that do not belong to them, as long as they are able to guess the order id and invoice id. This vulnerability is present in versions of the plugin up to and including 1.2.89.

Detected in:

PDF Builder for WooCommerce. Create invoices,packing slips and more fixed vulnerable versions:

WooCommerce PDF Invoice Builder, Create invoices, packing slips and more fixed vulnerable versions: >= * <= 1.2.91

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Access violation vulnerability in WooCommerce PDF Invoice Builder, Create invoices, packing slips and more 1.2.91

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Access violation vulnerability in WooCommerce PDF Invoice Builder, Create invoices, packing slips and more 1.2.91

Detected in: