cleantalk
Vulnerabilities and Security Researches

Challan – PDF Invoice & Packing Slip for WooCommerce, c0e638522757dc0e018dc791befa7fdc871f818a

CVE, Research URL

c0e638522757dc0e018dc791befa7fdc871f818a

Home page URL

Security reports for Challan – PDF Invoice & Packing Slip for WooCommerce

Application

Challan – PDF Invoice & Packing Slip for WooCommerce

Published on
Mar 21, 2023
Research Description
Challan &#8211; PDF Invoice &amp; Packing Slip for WooCommerce [webappick-pdf-invoice-for-woocommerce] < 3.4.9 WordPress Challan – PDF Invoice & Packing Slip for WooCommerce Plugin <= 3.4.8 is vulnerable to Cross Site Request Forgery (CSRF) No patched version is available. No reply from the vendor. Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Challan – PDF Invoice & Packing Slip for WooCommerce Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.
Affected versions
Min -, max 3.4.9.
Status
vulnerable
Previous vulnerability researches
Challan &#8211; PDF Invoice &amp; Packing Slip for WooCommerce (CVE-2025-47462) , May 09, 2025
Challan &#8211; PDF Invoice &amp; Packing Slip for WooCommerce (c0e638522757dc0e018dc791befa7fdc871f818a) , Jun 07, 2024
New vulnerability
1 Click WordPress Migration Plugin &#8211; 100% FREE for a limited time (CVE-2025-3455) , May 10, 2025
EUCookieLaw (CVE-2025-3897) , May 10, 2025
Frontend Login and Registration Blocks (CVE-2025-3605) , May 10, 2025
WordPress CRM, Email &amp; Marketing Automation for WordPress | Award Winner — Groundhogg (CVE-2025-4206) , May 10, 2025
Top 10 &#8211; WordPress Popular posts by WebberZone (CVE-2025-47509) , May 09, 2025