cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3216,https://securityvulnerability.io/vulnerability/CVE-2024-3216,Unauthorized Modification of Data in WooCommerce PDF Invoices Plugin,"The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wt_pklist_reset_settings() function in all versions up to, and including, 4.4.2. This makes it possible for unauthenticated attackers to reset all of the plugin's settings.",Wordpress,"WooCommerce PDF Invoices, Packing Slips, Delivery Notes And Shipping Labels",5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-06T04:15:00.000Z,0
CVE-2024-0957,https://securityvulnerability.io/vulnerability/CVE-2024-0957,WooCommerce PDF Invoices Plugin Vulnerable to Stored Cross-Site Scripting,"The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Customer Notes field in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected invoice for printing.",Wordpress,"WooCommerce PDF Invoices, Packing Slips, Delivery Notes And Shipping Labels",6.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-22T02:00:00.179Z,0
CVE-2023-7068,https://securityvulnerability.io/vulnerability/CVE-2023-7068,Unauthorized Data Access in WooCommerce PDF Invoices Plugin,"The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress has a security flaw that allows authenticated users, starting from subscriber-level access, to bypass authorization checks. This vulnerability arises from a missing capability check on the print_packinglist action. As a consequence, these users can export sensitive order information, potentially leading to unauthorized data exposure. It is critical for users of this plugin to update to the latest version to mitigate this risk.",Wordpress,"WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels",4.3,MEDIUM,0.0006200000061653554,false,,false,false,false,,false,false,2024-01-03T09:15:00.000Z,0