CVE-2022-2092

Summary

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.

Affected Software

VendorProductVersion RangeStatus
UnknownWooCommerce PDF Invoices & Packing Slips2.16.0 < 2.16.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References