PeproDev Ultimate Invoice — Vulnerabilities & Security Advisories 5

All 5 CVE vulnerabilities found in PeproDev Ultimate Invoice, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-2343	PeproDev Ultimate Invoice <= 2.2.5 - Unauthenticated Invoice Archive Download	9.1	-	2026-03-25
CVE-2024-13719	PeproDev Ultimate Invoice <= 2.0.9 - Insecure Direct Object Reference to Unauthenticated Order Information Exposure CWE-862	5.3	Medium	2025-02-19
CVE-2024-49298	WordPress PeproDev Ultimate Invoice plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-10-17
CVE-2024-32518	WordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerability CWE-862	5.3	Medium	2024-04-17
CVE-2024-25933	WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability CWE-200	5.3	Medium	2024-03-17

All 5 known CVE vulnerabilities affecting PeproDev Ultimate Invoice with full Chinese analysis, references, and POCs where available.