CVE-2025-7437
📋 TL;DR
The Ebook Store WordPress plugin allows unauthenticated attackers to upload arbitrary files due to missing file type validation. This vulnerability affects all versions up to 5.8012 and can lead to remote code execution on vulnerable WordPress sites.
💻 Affected Systems
- WordPress Ebook Store plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete server compromise via remote code execution, allowing attackers to install malware, steal data, or use the server for further attacks.
Likely Case
Attackers upload web shells to gain persistent access, deface websites, or install cryptocurrency miners.
If Mitigated
File uploads blocked or restricted to safe file types only, preventing code execution.
🎯 Exploit Status
The vulnerability is simple to exploit with publicly available proof-of-concept code.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.8013 or later
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3328355
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Ebook Store' and click 'Update Now'.
4. Verify the plugin version is 5.8013 or higher.
🔧 Temporary Workarounds
Disable vulnerable plugin
Temporarily deactivate the Ebook Store plugin until patched
Restrict file uploads via .htaccess
Block PHP file uploads to the plugin's upload directory
# Place in /wp-content/uploads/ebook-store/.htaccess so it covers only the plugin's upload path
<FilesMatch "\.(php|php5|php7|phtml|phar)$">
    # Apache 2.2 syntax; on Apache 2.4 without mod_access_compat use: Require all denied
    Order Allow,Deny
    Deny from all
</FilesMatch>
🧯 If You Can't Patch
- Implement web application firewall rules to block suspicious file uploads
- Restrict file permissions on upload directories to prevent execution
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins for Ebook Store version ≤5.8012
Check Version:
wp plugin list --name='ebook-store' --field=version
Verify Fix Applied:
Confirm plugin version is 5.8013 or higher in WordPress admin
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads to /wp-content/uploads/ebook-store/
- POST requests to ebook_store_save_form with executable file extensions
Network Indicators:
- HTTP POST requests with file uploads to WordPress endpoints containing 'ebook_store'
SIEM Query:
source="web_logs" AND (uri_path="*ebook_store*" AND method="POST" AND file_extension IN ("php", "phtml", "phar"))
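The log and network indicators above, turned into runnable detection logic as an added example that is not part of the advisory. The sample log lines are constructed, and the admin-ajax request path for the plugin's upload handler is an assumption; only the ebook_store marker, the upload directory and the blocked extensions come from the page.

```python
import re
from pathlib import Path

# Extensions the advisory's .htaccess workaround blocks; none should exist under the upload dir.
EXEC_EXTENSIONS = {"php", "php5", "php7", "phtml", "phar"}
UPLOAD_DIR = "/wp-content/uploads/ebook-store/"   # upload path named in the advisory
ENDPOINT_MARKER = "ebook_store"                   # network indicator named in the advisory
# Pulls method, request path and status out of an Apache/Nginx combined-format line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def _extensions(path):
    """Every extension segment of the file name, so 'cover.php.jpg' yields {'php', 'jpg'}."""
    name = path.split("?", 1)[0].rsplit("/", 1)[-1]
    return {seg.lower() for seg in name.split(".")[1:]}

def scan_access_log(lines):
    """Return (kind, path) alerts for the advisory's log and network indicators."""
    alerts = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        method, path = m.group("method"), m.group("path")
        if method == "POST" and ENDPOINT_MARKER in path:
            alerts.append(("upload_attempt", path))               # POST reaching the plugin handler
        elif UPLOAD_DIR in path and _extensions(path) & EXEC_EXTENSIONS:
            alerts.append(("script_in_uploads_requested", path))  # follow-on hit on a dropped script
    return alerts

def flag_upload_files(filenames):
    """File names (e.g. from a directory listing) carrying an executable extension segment."""
    return sorted(f for f in filenames if _extensions(f) & EXEC_EXTENSIONS)

def scan_upload_dir(root):
    """Walk the real plugin upload directory and apply flag_upload_files to what is on disk."""
    return flag_upload_files(str(p.relative_to(root)) for p in Path(root).rglob("*") if p.is_file())

# Constructed sample log lines (not real traffic); the exact request path of the plugin's
# upload handler is assumed here, only the 'ebook_store' marker comes from the advisory.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Aug/2025:12:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=ebook_store_save_form HTTP/1.1" 200 231 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Aug/2025:12:00:03 +0000] "GET /wp-content/uploads/ebook-store/cover.phtml?x=1 HTTP/1.1" 200 87 "-" "curl/8.0"',
    '192.0.2.44 - - [10/Aug/2025:12:01:10 +0000] "GET /wp-content/uploads/ebook-store/book.pdf HTTP/1.1" 200 10240 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [10/Aug/2025:12:01:12 +0000] "GET /ebook-store/?p=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for kind, path in scan_access_log(SAMPLE_LOG):
        print(f"{kind}: {path}")
    print("on-disk scripts:", flag_upload_files(["book.pdf", "shell.php", "cover.php.jpg"]))
```

Point scan_upload_dir at the real upload directory to check what is already on disk; a non-empty result means the .htaccess block is containing, not preventing, the problem.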