PT-2026-52414 · Jacob N. Breetvelt · Wp Photo Album Plus

Published

2026-06-25

Updated

2026-06-25

CVE-2026-54829

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows Blind SQL Injection.

This issue affects WP Photo Album Plus: from n/a through 9.1.13.005.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2026-54829

Affected Products

Wp Photo Album Plus

PT-2026-52414 · Jacob N. Breetvelt · Wp Photo Album Plus

CVE-2026-54829

Weakness Enumeration

Related Identifiers

Affected Products

References · 2