Vulnerabilities > Blackandwhitedigital > Bookpress

DATE CVE VULNERABILITY TITLE RISK
2025-02-07 CVE-2025-25167 Missing Authorization vulnerability in Blackandwhitedigital Bookpress 1.2.7
Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows Exploiting Incorrectly Configured Access Control Security Levels.
network
low complexity
blackandwhitedigital CWE-862
critical
9.8
2025-02-07 CVE-2025-25168 Cross-Site Request Forgery (CSRF) vulnerability in Blackandwhitedigital Bookpress 1.2.7
Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress – For Book Authors allows Cross-Site Scripting (XSS).
network
low complexity
blackandwhitedigital CWE-352
6.1