cleantalk
Vulnerabilities and Security Researches

Ebook Store, CVE-2025-8113

CVE, Research URL

CVE-2025-8113

Home page URL

Security reports for Ebook Store

Application

Ebook Store

Published on
Aug 16, 2025
Research Description
The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.
Affected versions
Min -, max 5.8015.
Status
vulnerable
Previous vulnerability researches
YDS Support Ticket System (CVE-2024-55985) , Dec 21, 2024
YDS Support Ticket System (CVE-2022-36388) , Jun 10, 2024
New vulnerability
Post Type Converter (CVE-2025-48303) , Aug 27, 2025
WP Shopify (CVE-2025-7808) , Aug 27, 2025
Image License and Protection (CVE-2025-8047) , Aug 27, 2025
Ultimate twitter profile widget (CVE-2025-48321) , Aug 27, 2025
Lazy Load for Videos (CVE-2025-7732) , Aug 27, 2025