VYPR

Wp Books Gallery

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-5347MedApr 24, 2026
    risk 0.34cvss 5.3epss 0.00

    The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of…

  • CVE-2023-23705May 23, 2023
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.