WP-Safety

PDF Invoices & Packing Slips Generator for WooCommerce Security & Risk Analysis

wordpress.org/plugins/pdf-invoicing-for-woocommerce

Add PDF invoices to WooCommerce.

100 active installs v2.4.7 PHP + WP 4.4+ Updated Jan 23, 2026
credit-noteinvoicepacking-listpdfwoocommerce
99
A · Safe
CVEs total1
Unpatched0
Last CVENov 22, 2024
Plugin page Download
Safety Verdict

Is PDF Invoices & Packing Slips Generator for WooCommerce Safe to Use in 2026?

Generally Safe

Score 99/100

PDF Invoices & Packing Slips Generator for WooCommerce has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Nov 22, 2024Updated 3mo ago
Risk Assessment

The plugin "pdf-invoicing-for-woocommerce" v2.4.7 exhibits a generally good security posture based on the static analysis. The absence of any identifiable AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points suggests a limited attack surface. Furthermore, the code signals indicate no dangerous functions, all SQL queries are properly prepared, and file operations are absent. The majority of output is correctly escaped, and external HTTP requests are not made. However, the presence of 0 nonce checks is a notable concern, especially as the plugin utilizes capability checks for security, and a lack of nonces could potentially be exploited in certain scenarios if other checks are bypassed. The bundled library TCPDF v1.0.004 is outdated, which could represent a potential vulnerability vector if exploitable issues exist in that specific version. The vulnerability history shows one past medium-severity CVE related to Cross-site Scripting, which has since been patched. While this indicates the developers are responsive to security issues, the existence of a past XSS vulnerability, even if resolved, highlights a historical weakness that warrants ongoing vigilance. Overall, the plugin is strong in its core implementation but has areas for improvement, particularly regarding nonce management and keeping bundled libraries up-to-date.

Key Concerns

  • Bundled outdated library (TCPDF v1.0.004)
  • No nonce checks implemented
Vulnerabilities
1 published

PDF Invoices & Packing Slips Generator for WooCommerce Security Vulnerabilities

CVEs by Year

1 CVE in 2024
2024
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

CVE-2024-11361medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting

Nov 22, 2024 Patched in 2.2.2 (1d)
Version History

PDF Invoices & Packing Slips Generator for WooCommerce Release Timeline

v2.4.7Current
v2.4.6
v2.4.5
v2.4.4
v2.4.3
v2.4.2
v2.4.1
v2.4.0
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.11 CVE
CVE-2024-11361
v2.2.01 CVE
CVE-2024-11361
v2.1.41 CVE
CVE-2024-11361
v2.1.31 CVE
CVE-2024-11361
v2.1.21 CVE
CVE-2024-11361
v2.1.11 CVE
CVE-2024-11361
v2.1.01 CVE
CVE-2024-11361
v2.0.11 CVE
CVE-2024-11361
Code Analysis
Analyzed Mar 16, 2026

PDF Invoices & Packing Slips Generator for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
4 prepared
Unescaped Output
7
37 escaped
Nonce Checks
0
Capability Checks
3
File Operations
0
External Requests
0
Bundled Libraries
1

Bundled Libraries

TCPDF1.0.004

SQL Query Safety

100% prepared4 total queries

Output Escaping

84% escaped44 total outputs
Attack Surface

PDF Invoices & Packing Slips Generator for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 29
actioninitincludes\class-alg-wc-pdf-invoicing-admin.php:32
actioninitincludes\class-alg-wc-pdf-invoicing-admin.php:35
filterwoocommerce_get_settings_pagesincludes\class-alg-wc-pdf-invoicing-admin.php:38
actionadmin_initincludes\class-alg-wc-pdf-invoicing-admin.php:42
actionadmin_enqueue_scriptsincludes\class-alg-wc-pdf-invoicing-admin.php:46
actionwoocommerce_admin_field_alg_wc_text_editorincludes\class-alg-wc-pdf-invoicing-admin.php:52
filtermanage_edit-shop_order_columnsincludes\class-alg-wc-pdf-invoicing-admin.php:61
filtermanage_woocommerce_page_wc-orders_columnsincludes\class-alg-wc-pdf-invoicing-admin.php:62
actionmanage_shop_order_posts_custom_columnincludes\class-alg-wc-pdf-invoicing-admin.php:63
actionmanage_woocommerce_page_wc-orders_custom_columnincludes\class-alg-wc-pdf-invoicing-admin.php:64
actionadd_meta_boxesincludes\class-alg-wc-pdf-invoicing-admin.php:67
filterbulk_actions-edit-shop_orderincludes\class-alg-wc-pdf-invoicing-admin.php:70
filterbulk_actions-woocommerce_page_wc-ordersincludes\class-alg-wc-pdf-invoicing-admin.php:71
filterhandle_bulk_actions-edit-shop_orderincludes\class-alg-wc-pdf-invoicing-admin.php:72
filterhandle_bulk_actions-woocommerce_page_wc-ordersincludes\class-alg-wc-pdf-invoicing-admin.php:73
actionadmin_footerincludes\class-alg-wc-pdf-invoicing-admin.php:74
actionadmin_enqueue_scriptsincludes\class-alg-wc-pdf-invoicing-admin.php:77
filtertiny_mce_before_initincludes\class-alg-wc-pdf-invoicing-admin.php:578
actionadmin_initincludes\class-alg-wc-pdf-invoicing-core.php:68
actioninitincludes\class-alg-wc-pdf-invoicing-core.php:69
actionadmin_initincludes\class-alg-wc-pdf-invoicing-core.php:70
filterwoocommerce_email_attachmentsincludes\class-alg-wc-pdf-invoicing-core.php:86
filterwoocommerce_my_account_my_orders_actionsincludes\class-alg-wc-pdf-invoicing-core.php:89
actioninitincludes\class-alg-wc-pdf-invoicing.php:88
actionbefore_woocommerce_initincludes\class-alg-wc-pdf-invoicing.php:91
filterwoocommerce_get_sections_alg_wc_pdf_invoicingincludes\settings\class-alg-wc-pdf-invoicing-settings-section.php:40
filterwoocommerce_admin_settings_sanitize_optionincludes\settings\class-alg-wc-pdf-invoicing-settings.php:30
actionadmin_noticesincludes\settings\class-alg-wc-pdf-invoicing-settings.php:108
actionplugins_loadedpdf-invoicing-for-woocommerce.php:58
Maintenance & Trust

PDF Invoices & Packing Slips Generator for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 23, 2026
PHP min version
Downloads8K

Community Trust

Rating100/100
Number of ratings1
Active installs100
Alternatives

PDF Invoices & Packing Slips Generator for WooCommerce Alternatives

PDF Invoices & Packing Slips for WooCommerce

PDF Invoices & Packing Slips for WooCommerce

woocommerce-pdf-invoices-packing-slips

A
88

Create, print & automatically email PDF or XML Invoices & PDF Packing Slips for WooCommerce orders.

300K 13 CVEs
WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes & Shipping Labels

print-invoices-packing-slip-labels-for-woocommerce

A
96

Auto-generate and attach WooCommerce PDF invoices and packing slips to order emails with customizable templates & bulk print options.

60K 6 CVEs
Print Invoice & Delivery Notes for WooCommerce

Print Invoice & Delivery Notes for WooCommerce

woocommerce-delivery-notes

A
89

Create and print PDF invoices, delivery notes and receipts for your WooCommerce orders. Choose your document format from multiple templates.

30K 9 CVEs
Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools

Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools

woocommerce-jetpack

B
82

Supercharge WooCommerce with FREE Abandoned Cart Recovery, Product Variation Swatches, PDF Invoices & 100+ tools. Boost sales & save time.

30K 32 CVEs
Invoices for WooCommerce

Invoices for WooCommerce

woocommerce-pdf-invoices

A
92

Automatically generate and attach customizable PDF Invoices and PDF Packing Slips for WooCommerce to emails.

10K No CVEs
Developer Profile

PDF Invoices & Packing Slips Generator for WooCommerce Developer Profile

WPFactory

64 plugins · 137K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
94 days
View full developer profile
Detection Fingerprints

How We Detect PDF Invoices & Packing Slips Generator for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/css/admin.css/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/admin.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/css/frontend.css/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/frontend.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/tcpdf.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/date.js
Script Paths
/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/admin.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/frontend.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/tcpdf.js/wp-content/plugins/pdf-invoicing-for-woocommerce/assets/js/date.js
Version Parameters
pdf-invoicing-for-woocommerce/assets/css/admin.css?ver=pdf-invoicing-for-woocommerce/assets/js/admin.js?ver=pdf-invoicing-for-woocommerce/assets/css/frontend.css?ver=pdf-invoicing-for-woocommerce/assets/js/frontend.js?ver=pdf-invoicing-for-woocommerce/assets/js/tcpdf.js?ver=pdf-invoicing-for-woocommerce/assets/js/date.js?ver=

HTML / DOM Fingerprints

CSS Classes
alg-wc-pdf-invoicing-admin-enqueue-script
HTML Comments
<!-- PDF Invoicing for WooCommerce --><!-- PDF Invoices & Packing Slips Generator for WooCommerce -->
Data Attributes
data-alg-wc-pdf-invoicing-order-iddata-alg-wc-pdf-invoicing-document-type
JS Globals
alg_wc_pdf_invoicing_params
FAQ

Frequently Asked Questions about PDF Invoices & Packing Slips Generator for WooCommerce