← Back

Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels

woocommerce_pdf_invoices,_packing_slips,_delivery_notes_and_shipping_labels

Vendor: Webtoffee • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-24644
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Apr 23, 2026
Jan 24, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels print-invoices-packing-slip-labe...Show more
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels print-invoices-packing-slip-labels-for-woocommerce allows Stored XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through <= 4.7.1.Show less
CVE-2023-51546
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Feb 11, 2025
May 17, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips,...Show more
Improper Privilege Management vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Privilege Escalation.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.2.1.Show less
CVE-2024-3216
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Apr 8, 2026
Apr 6, 2024
N/A· v4
5.3 MEDIUM· v3
N/A· v2
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wt_pklist_reset_settings()...Show more
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wt_pklist_reset_settings() function in all versions up to, and including, 4.4.2. This makes it possible for unauthenticated attackers to reset all of the plugin's settings.Show less
CVE-2024-22288
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Apr 28, 2026
Mar 27, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue...Show more
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Reflected XSS.This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.4.0.Show less
CVE-2024-0957
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Apr 8, 2026
Mar 22, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Customer Notes field in all versions up to, and including, 4.4.1 d...Show more
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Customer Notes field in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected invoice for printing.Show less
CVE-2023-7068
1Webtoffee
1Woocommerce Pdf Invoices, Packing Slips, Delivery Notes And Shipping Labels
Apr 8, 2026
Jan 3, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprint_packinglist action in all ve...Show more
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on theprint_packinglist action in all versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to export orders which can contain sensitive information.Show less