VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 2 known issues Latest disclosed Apr 23, 2026

WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes Vulnerabilities

Review known vulnerability records for the WordPress plugin WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes (`wp-books-gallery`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2026-5347 and CVE-2023-23705, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
2
High or Critical
0
Patch Coverage
100%
Last Updated
Apr 23, 2026
Priority CVE Quick Links

Fast paths into WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
2
CVE-2026-5347 Medium 4.8.1
CVE-2026-5347 WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes Vulnerability

WP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' Parameter

CVE-2023-23705 Medium 4.4.9
CVE-2023-23705 WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes Cross-Site Request Forgery

WordPress Books Gallery <= 4.4.8 - Cross-Site Request Forgery leading to Plugin Settings Changes

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
2 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 0 high severity findings.
Recent CVEs
CVE-2026-5347 and CVE-2023-23705
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for WP Books Gallery – Build Stunning Book Showcases & Libraries in Minutes

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2026-5347
CVE-2026-5347: WP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' Parameter

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of wp-b...

Published
Apr 23, 2026
Patched Release
4.8.1
Affected Versions
Versions up to 4.8.0
Next Step
Update to 4.8.1 or newer if supported.
Open CVE-2026-5347 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2023-23705
CVE-2023-23705: WordPress Books Gallery <= 4.4.8 - Cross-Site Request Forgery leading to Plugin Settings Changes

The WordPress Books Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.8. This is due to missing or incorrect nonce validation on the 'wbg-api-import.php' file and the functions 'wbg_gallery_settings', 'wbg_search_panel_...

Published
Feb 20, 2023
Patched Release
4.4.9
Affected Versions
Versions up to 4.4.8
Next Step
Update to 4.4.9 or newer if supported.
Open CVE-2023-23705 Report Open CVE Reference