CyberSec.Space Logo
返回 CVE 浏览器

CVE-2026-52704

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1660%
EPSS Percentile24.93th
Published2026年6月15日
Last Modified2026年6月15日

Vulnerability Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://patchstack.com/database/wordpress/plugin/woo-pdf-invoice-builder/vulnerability/wordpress-woocommerce-pdf-invoice-builder-plugin-2-0-8-remote-code-execution-rce-vulnerability?_s_id=cve

相关漏洞威胁

CVE-2026-4855810.0

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authe...

CVE-2026-4638910.0

UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Ident...

CVE-2026-1061110.0

An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deploymen...

CVE-2026-4926110.0

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 th...