CVE-2026-1906 | PDF Invoices & Packing Slips for WooCommerce Plugin Peppol EDI Endpoint resource injection

February 17, 2026 Yanac

A vulnerability was found in PDF Invoices & Packing Slips for WooCommerce Plugin up to 5.6.0 on WordPress. It has been rated as problematic. This issue affects the function wpo_ips_edi_save_order_customer_peppol_identifiers of the component Peppol EDI Endpoint. This manipulation of the argument order_id causes improper control of resource identifiers.

The identification of this vulnerability is CVE-2026-1906. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More