Vulnerabilities and Security Researches

WP Photo Album Plus, CVE-2026-6379

CVE, Research URL: CVE-2026-6379
Home page URL: Security reports for WP Photo Album Plus
Application: WP Photo Album Plus
Published on: May 18, 2026
Research Description: The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks.
Affected versions: max 9.1.11.001.
Status: vulnerable