Tychesoftwares Print Invoice Delivery Notes For Woocommerce vulnerabilities
9 known vulnerabilities affecting tychesoftwares/print_invoice_delivery_notes_for_woocommerce.
Total CVEs
9
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH2MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2025-13773P1CRITICALCVSS 9.8ExploitedPoC≤ 5.8.02025-12-24
CVE-2025-13773 [CRITICAL] CWE-94 CVE-2025-13773: The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Remote Code
The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.8.0 via the 'WooCommerce_Delivery_Notes::update' function. This is due to missing capability check in the 'WooCommerce_Delivery_Notes::update' function, PHP enabled in Dompdf, and missing escape in t
nvd
CVE-2026-56060P3HIGHCVSS 7.5≥ n/a, ≤ 7.1.12026-06-26
CVE-2026-56060 [HIGH] CWE-497 CVE-2026-56060: Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 v
Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions.
nvd
CVE-2026-25317P3HIGHCVSS 7.5≤ 5.9.02026-03-25
CVE-2026-25317 [HIGH] CWE-862 CVE-2026-25317: Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce
Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.9.0.
nvd
CVE-2026-24946P4MEDIUMCVSS 6.5≤ 5.8.02026-02-20
CVE-2026-24946 [MEDIUM] CWE-862 CVE-2026-24946: Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce
Missing Authorization vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.8.0.
nvd
CVE-2022-46795P4MEDIUMCVSS 6.5fixed in 4.7.32024-12-13
CVE-2022-46795 [MEDIUM] CWE-862 CVE-2022-46795: Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerc
Missing Authorization vulnerability in Tyche Softwares Print Invoice & Delivery Notes for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through 4.7.2.
nvd
CVE-2024-13640P4MEDIUMCVSS 5.9≤ 5.4.12025-03-08
CVE-2024-13640 [MEDIUM] CWE-200 CVE-2024-13640: The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Sensitive I
The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.4.1 via the 'wcdn/invoice' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/wcdn/invoice directory which
nvd
CVE-2023-0479P4MEDIUMCVSS 6.1fixed in 4.7.22024-01-16
CVE-2023-0479 [MEDIUM] CWE-79 CVE-2023-0479: The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to re
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the edit_others_shop_orders capability. WooCommerce must be installed and active. This vulnerabilit
nvd
CVE-2025-49239P4MEDIUMCVSS 5.4≤ 5.5.02025-06-06
CVE-2025-49239 [MEDIUM] CWE-352 CVE-2025-49239: Cross-Site Request Forgery (CSRF) vulnerability in tychesoftwares Print Invoice & Delivery Notes for
Cross-Site Request Forgery (CSRF) vulnerability in tychesoftwares Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes allows Cross Site Request Forgery.This issue affects Print Invoice & Delivery Notes for WooCommerce: from n/a through <= 5.5.0.
nvd
CVE-2024-12210P4MEDIUMCVSS 4.3≤ 5.4.02024-12-24
CVE-2024-12210 [MEDIUM] CWE-862 CVE-2024-12210: The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorize
The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdn_remove_shoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove the s
nvd