cleantalk
Vulnerabilities and Security Researches

Ebook Store, CVE-2025-8113

CVE, Research URL

CVE-2025-8113

Home page URL

Security reports for Ebook Store

Application

Ebook Store

Published on
Aug 16, 2025
Research Description
The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.
Affected versions
Min -, max 5.8015.
Status
vulnerable
Previous vulnerability researches
Snow Storm (b9155ea27a956bb6aecadd924fc7ba8cfeaf37c3) , Mar 22, 2025
Snow Storm (CVE-2025-30858) , Apr 05, 2025
New vulnerability
Hesabfa Accounting (CVE-2025-48362) , Aug 28, 2025
Hesabfa Accounting (CVE-2025-48361) , Aug 28, 2025
Statify Widget (CVE-2025-48322) , Aug 28, 2025
百度分享按钮 (CVE-2025-48320) , Aug 28, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-6790) , Aug 28, 2025