cleantalk
Vulnerabilities and Security Researches

PDF Invoices & Packing Slips for WooCommerce, CVE-2022-2537

CVE, Research URL

CVE-2022-2537

Home page URL

Security reports for PDF Invoices & Packing Slips for WooCommerce

Application

PDF Invoices & Packing Slips for WooCommerce

Published on
Aug 29, 2022
Research Description
The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting.
Affected versions
max 2.15.
Status
vulnerable
Previous vulnerability researches
PDF Invoices & Packing Slips for WooCommerce (CVE-2022-2537) , Jun 06, 2024
PDF Invoices & Packing Slips for WooCommerce (CVE-2024-3047) , Jun 06, 2024
PDF Invoices & Packing Slips for WooCommerce (CVE-2026-1906) , Apr 15, 2026
PDF Invoices & Packing Slips for WooCommerce (CVE-2024-50421) , Oct 27, 2024
PDF Invoices & Packing Slips for WooCommerce (CVE-2025-67589) , Jan 09, 2026
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026