cleantalk
Vulnerabilities and Security Researches

Ebook Store, CVE-2025-8113

CVE, Research URL

CVE-2025-8113

Home page URL

Security reports for Ebook Store

Application

Ebook Store

Published on
Aug 16, 2025
Research Description
The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.
Affected versions
Min -, max 5.8015.
Status
vulnerable
Previous vulnerability researches
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-49975) , Jun 30, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-57895) , Aug 25, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2025-2010) , Apr 20, 2025
WordPress Job Board and Recruitment Plugin – JobWP (CVE-2023-48288) , Jun 07, 2024
WordPress Job Board and Recruitment Plugin – JobWP (d3132dc76d8786c1409d32f3771c3624f40c9f5c) , Jun 07, 2024
New vulnerability
Image License and Protection (CVE-2025-8047) , Aug 27, 2025
Ultimate twitter profile widget (CVE-2025-48321) , Aug 27, 2025
Lazy Load for Videos (CVE-2025-7732) , Aug 27, 2025
PPWP – Password Protect Pages (CVE-2025-5998) , Aug 27, 2025
Ebook Store (CVE-2025-8113) , Aug 27, 2025