The BookPress plugin for WordPress, used by authors to publish their books, has a security issue. This allows hackers to trick site administrators into making changes or clicking on links that can insert harmful code into the website. This problem affects all versions up to 1.2.7 and is caused by a missing or incorrect security check.