6 matches found
EUVD-2024-47639
Malicious code in bioql PyPI...
CVE-2025-54702
Cross-Site Request Forgery CSRF vulnerability in motov.net Ebook Store ebook-store allows Cross Site Request Forgery.This issue affects Ebook Store: from n/a through = 5.8013...
CVE-2025-7486 Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-7486 Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-49862
CVE-2025-49862 is a Stored Cross-Site Scripting vulnerability in the WordPress Ebook Store plugin (versions n/a through 5.8008) caused by improper input neutralization during web page generation. Affected products and version range are corroborated by NVD/Red Hat/Wordfence entries; Wordfence list...
CVE-2024-12262 Ebook Store <= 5.8001 - Reflected Cross-Site Scripting via 'step'
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'step' parameter in all versions up to, and including, 5.8001 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scrip...