Known Vulnerabilities for products from Shopfiles
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Shopfiles".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-12262 json | The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'step' parameter in all versions... | Not Provided | 2024-12-21 | 2026-04-08 |
| CVE-2024-11287 json | The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without ... | Not Provided | 2024-12-21 | 2026-04-08 |
| CVE-2024-6567 json | The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This... | Not Provided | 2024-08-02 | 2026-04-08 |
| CVE-2023-45602 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.785 versions. | 6.1 - MEDIUM | 2023-10-18 | 2023-10-25 |
| CVE-2023-22690 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions. | 4.8 - MEDIUM | 2023-05-15 | 2023-05-22 |