PDF Invoices & Packing Slips for WooCommerce < 3.7.6 – Shop Manager+ SQL Injection | CVE 2024-22147 | Plugin Vulnerabilities

Description

The plugin is vulnerable to SQL Injection via the get_numbers() function in all versions up to, and including, 3.7.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with shop manager-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Affects Plugins

woocommerce-pdf-invoices-packing-slips

Fixed in 3.7.6

References

CVE

URL

https://patchstack.com/database/vulnerability/woocommerce-pdf-invoices-packing-slips/wordpress-pdf-invoices-packing-slips-for-woocommerce-plugin-3-7-5-sql-injection-vulnerability

Classification

Type

SQLI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

Yudistira Arya

Verified

No

WPVDB ID

694832d6-8af9-4cc8-8e85-2e2f557a3aed

Timeline

Publicly Published

2024-01-12 (about 2 years ago)

Added

2024-01-20 (about 2 years ago)

Last Updated

2024-01-20 (about 2 years ago)

Other

Published

Title

Published

2023-11-27

Title

HUSKY – Products Filter for WooCommerce (formerly WOOF) < 1.3.4.3 - Unauthenticated SQL Injection via search terms

Published

2022-11-21

Title

Icegram Express < 5.5.1 - Subscriber+ SQLi

Published

2022-01-05

Title

Rearrange Woocommerce Products < 3.0.8 - Subscriber+ SQL Injection

Published

2014-08-01

Title

Leaflet Maps Marker 3.5.2 - Two SQL Injection Vulnerabilities

Published

2017-09-22

Title

Gallery < 1.2.1 - Admin+ SQLi