Cross-Site Scripting Vulnerability in RS WP Themes RS WP Book Showcase
CVE-2025-47679

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Rs WP Book Showcase
Vendor: CVE Published:; 7 May 2025

Summary

A Cross-site Scripting (XSS) vulnerability exists in RS WP Themes' RS WP Book Showcase plugin, enabling attackers to exploit improperly neutralized input during web page generation. This vulnerability can lead to unauthorized script execution in the user's browser, potentially compromising sensitive information and user sessions. The issue affects versions from n/a through 6.7.40, emphasizing the necessity for users to apply the latest security patches and updates to safeguard their websites.

Affected Version(s)

RS WP Book Showcase <= 6.7.40

References

https://patchstack.com/database/wordpress/plugin/rs-wp-bo...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 7, 2025
Vulnerability Reserved
May 7, 2025

Credit

Peter Thaleikis (Patchstack Alliance)