46 matches found
EUVD-2023-49894
Malicious code in bioql PyPI...
EUVD-2025-22267
Malicious code in bioql PyPI...
EUVD-2025-22477
Malicious code in bioql PyPI...
EUVD-2023-26819
Malicious code in bioql PyPI...
EUVD-2024-50726
Malicious code in bioql PyPI...
CVE-2025-8113
The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-8113
CVE-2025-8113 affects the Ebook Store WordPress plugin (versions before 5.8015). The issue is a Reflected Cross-Site Scripting vulnerability where the plugin does not escape the $_SERVER['REQUEST_URI'] when outputting it into an HTML attribute, enabling a crafted URL to inject scripts in vulnerab...
CVE-2025-8113 Ebook Store < 5.8015 - Reflected XSS via $_SERVER['REQUEST_URI']
The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
WordPress plugin Ebook Store 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-54702 WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in motov.net Ebook Store allows Cross Site Request Forgery. This issue affects Ebook Store: from n/a through 5.8013...
CVE-2025-7437
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-7437
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-7437 Ebook Store <= 5.8012 - Unauthenticated Arbitrary File Upload
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...
CVE-2025-7437
The WordPress Ebook Store plugin is vulnerable to arbitrary file uploads due to missing file type validation in the ebook_store_save_form function. Affected versions: all up to and including 5.8012. Exploitation requires no authentication and could allow uploading arbitrary files to the server, p...
PT-2025-30632 · WordPress · Ebook Store
Name of the Vulnerable Software and Affected Versions: Ebook Store plugin for WordPress versions prior to 5.8012 Description: The Ebook Store plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the ebook store save form function. This...
CVE-2025-7486
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-7486
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-7486
CVE-2025-7486 affects the WordPress plugin Ebook Store. The vulnerability is a Stored XSS via Order Details in all versions up to and including 5.8012, exploitable by an authenticated attacker with administrator-level access. It primarily affects multi-site installations and sites where unfiltere...
PT-2025-30352 · WordPress · Ebook Store
Name of the Vulnerable Software and Affected Versions: The Ebook Store plugin for WordPress versions prior to 5.8012 Description: The Ebook Store plugin for WordPress is susceptible to Stored Cross-Site Scripting via the Order Details. Insufficient input sanitization and output escaping allows...
CVE-2025-49862 WordPress Ebook Store plugin <= 5.8008 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in motov.net Ebook Store allows Stored XSS. This issue affects Ebook Store: from n/a through 5.8008...