A vulnerability described as critical has been identified in Edgar Rojas WooCommerce PDF Invoice Builder Plugin up to 2.0.8 on WordPress. Impacted is an unknown function. The manipulation results in code injection. This vulnerability is cataloged as CVE-2026-52704 . The attack may be launched remotely. There is no exploit available.