Browse all 4 CVE security advisories affecting Shopfiles Ltd. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Shopfiles Ltd operates as a file management and e-commerce platform, enabling businesses to store, share, and sell digital products. Historically, the organization has been associated with common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and access control mechanisms. While no major public security incidents have been widely documented, the presence of four CVEs indicates persistent security challenges, particularly in web application security. The platform's reliance on user-uploaded content and third-party integrations likely contributes to its vulnerability profile, necessitating robust security measures to mitigate risks associated with file handling and transaction processing.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-22701 | WordPress Ebook Store plugin <= 5.775 - Broken Authentication vulnerability — Ebook StoreCWE-862 | 7.5 | High | 2024-12-09 |
| CVE-2024-23501 | WordPress Ebook Store Plugin <= 5.788 is vulnerable to Cross Site Scripting (XSS) — Ebook StoreCWE-79 | 5.9 | Medium | 2024-02-29 |
| CVE-2023-45602 | WordPress Ebook Store Plugin <= 5.785 is vulnerable to Cross Site Scripting (XSS) — Ebook StoreCWE-79 | 7.1 | High | 2023-10-18 |
| CVE-2023-22690 | WordPress Ebook Store Plugin <= 5.775 is vulnerable to Cross Site Scripting (XSS) — Ebook StoreCWE-79 | 5.9 | Medium | 2023-05-15 |
This page lists every published CVE security advisory associated with Shopfiles Ltd. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.