Shopfiles Ebook_store

8 CVEs affecting Shopfiles Ebook_store. Latest disclosed: 2025-08-16. Critical: 0, High: 2.

Top CVEs affecting Shopfiles Ebook_store
CVESeverityScorePublishedSummary
CVE-2023-22701High7.52024-12-09Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebo…
CVE-2023-45602High7.12023-10-18Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.785 versions.
CVE-2025-8113Medium6.12025-08-16The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lea…
CVE-2024-12262Medium6.12024-12-21The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'step' parameter in all versions up to, and including, 5.8001 due…
CVE-2024-11287Medium6.12024-12-21The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in…
CVE-2024-23501Medium5.92024-02-29Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue af…
CVE-2023-22690Medium5.92023-05-15Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions.
CVE-2024-6567Medium5.32024-08-02The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This is due to the plugin utilizing fp…