Skip to main content

Woocommerce Pdf Invoice Builder

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-52704 CRITICAL Act Now

Remote code execution in Edgar Rojas WooCommerce PDF Invoice Builder WordPress plugin (versions through 2.0.8) allows unauthenticated remote attackers to inject and execute arbitrary code on the host WordPress site. The CVSS 10.0 score with scope change reflects the severe impact: attackers can fully compromise the WordPress instance and potentially pivot beyond it. No public exploit identified at time of analysis, but the trivial attack vector (AV:N/AC:L/PR:N/UI:N) makes mass exploitation likely once details surface.

Code Injection WordPress RCE Woocommerce Pdf Invoice Builder
NVD
CVSS 3.1
10.0
EPSS
0.3%
CVE-2026-52704
EPSS 0% CVSS 10.0
CRITICAL Act Now

Remote code execution in Edgar Rojas WooCommerce PDF Invoice Builder WordPress plugin (versions through 2.0.8) allows unauthenticated remote attackers to inject and execute arbitrary code on the host WordPress site. The CVSS 10.0 score with scope change reflects the severe impact: attackers can fully compromise the WordPress instance and potentially pivot beyond it. No public exploit identified at time of analysis, but the trivial attack vector (AV:N/AC:L/PR:N/UI:N) makes mass exploitation likely once details surface.

Code Injection WordPress RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy