Deserialization of Untrusted Data Vulnerability Affects PDF Invoices and Packing Slips For WooCommerce
CVE-2024-30230
8.8HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 28 March 2024
What is CVE-2024-30230?
A vulnerability exists in the Acowebs PDF Invoices and Packing Slips for WooCommerce plugin, related to the deserialization of untrusted data. This issue can allow attackers to exploit the plugin and execute arbitrary PHP code, leading to potential unauthorized access and manipulation of sensitive data. Websites using versions prior to 1.3.7 are susceptible, emphasizing the importance of updating to the latest secure version to mitigate risk and enhance overall security.
Affected Version(s)
PDF Invoices and Packing Slips For WooCommerce <= 1.3.7