Ebook Store — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Ebook Store, with AI-generated Chinese analysis, references, and POCs.

Vendor: Shopfiles Ltd

CVE ID	Title	CVSS	Severity	Paused
CVE-2025-8113	Ebook Store < 5.8015 - Reflected XSS via $_SERVER['REQUEST_URI']	6.1^AI	Medium^AI	2025-08-16
CVE-2025-54702	WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability CWE-352	4.3	Medium	2025-08-14
CVE-2025-7437	Ebook Store <= 5.8012 - Unauthenticated Arbitrary File Upload CWE-434	9.8	Critical	2025-07-24
CVE-2025-7486	Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details CWE-79	4.4	Medium	2025-07-21
CVE-2025-49862	WordPress Ebook Store plugin <= 5.8008 - Cross Site Scripting (XSS) Vulnerability CWE-79	5.9	Medium	2025-06-17
CVE-2025-47589	WordPress Ebook Store plugin <= 5.8009 - Cross Site Scripting (XSS) Vulnerability CWE-79	6.5	Medium	2025-05-07
CVE-2024-12262	Ebook Store <= 5.8001 - Reflected Cross-Site Scripting via 'step' CWE-79	6.1	Medium	2024-12-21
CVE-2024-11287	Ebook Store <= 5.8001 - Reflected Cross-Site Scripting CWE-79	6.1	Medium	2024-12-21
CVE-2023-22701	WordPress Ebook Store plugin <= 5.775 - Broken Authentication vulnerability CWE-862	7.5	High	2024-12-09
CVE-2024-6567	Ebook Store <= 5.8001 - Unauthenticated Full Path Disclosure CWE-200	5.3	Medium	2024-08-02
CVE-2024-23501	WordPress Ebook Store Plugin <= 5.788 is vulnerable to Cross Site Scripting (XSS) CWE-79	5.9	Medium	2024-02-29
CVE-2023-45602	WordPress Ebook Store Plugin <= 5.785 is vulnerable to Cross Site Scripting (XSS) CWE-79	7.1	High	2023-10-18
CVE-2023-22690	WordPress Ebook Store Plugin <= 5.775 is vulnerable to Cross Site Scripting (XSS) CWE-79	5.9	Medium	2023-05-15

All 13 known CVE vulnerabilities affecting Ebook Store with full Chinese analysis, references, and POCs where available.