Browse all 5 CVE security advisories affecting WP Overnight. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WP Overnight provides WordPress maintenance and optimization services for websites. Historically, their plugins have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The company has five CVEs on record, with several critical flaws allowing unauthorized access or website compromise. While no major public security incidents have been widely reported, their plugins have faced repeated security issues over time, often stemming from insufficient input validation and improper access controls. WP Overnight's security track record suggests a need for more rigorous code review and secure development practices to prevent recurring vulnerabilities in their WordPress solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67589 | WordPress WooCommerce PDF Invoices & Packing Slips plugin <= 4.9.1 - Broken Access Control vulnerability — WooCommerce PDF Invoices & Packing SlipsCWE-862 | 4.3 | Medium | 2025-12-09 |
| CVE-2024-50421 | WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 3.8.6 - Broken Access Control vulnerability — WooCommerce PDF Invoices & Packing SlipsCWE-862 | 5.3 | Medium | 2024-10-29 |
| CVE-2024-22147 | WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.7.5 is vulnerable to SQL Injection — PDF Invoices & Packing Slips for WooCommerceCWE-89 | 7.6 | High | 2024-01-26 |
| CVE-2023-34170 | WordPress Quick/Bulk Order Form for WooCommerce Plugin <= 3.5.7 is vulnerable to Cross Site Scripting (XSS) — Quick/Bulk Order Form for WooCommerceCWE-79 | 5.9 | Medium | 2023-06-22 |
| CVE-2022-47148 | WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF) — PDF Invoices & Packing Slips for WooCommerceCWE-352 | 4.3 | Medium | 2023-03-01 |
This page lists every published CVE security advisory associated with WP Overnight. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.