[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJBQLwvQ6DUi9xEjYlSMzradeXPCuBBSmQQJTGx4t_mY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":30,"research_verified":31,"research_rounds_completed":32,"research_plan":33,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":34,"research_started_at":35,"research_completed_at":36,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":31,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":31,"source_links":37},"CVE-2026-54829","wp-photo-album-plus-unauthenticated-sql-injection-2","WP Photo Album Plus \u003C= 9.1.13.005 - Unauthenticated SQL Injection","The WP Photo Album Plus plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 9.1.13.005 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","wp-photo-album-plus",null,"\u003C=9.1.13.005","9.2.01.001","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:N\u002FA:N","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","2026-06-17 00:00:00","2026-06-23 15:54:13",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa1373d87-cc75-4f53-8293-eebc5a0ace95?source=api-prod",7,[22,23,24,25,26,27,28,29],"blocks\u002Fcommon\u002Findex.php","changelog.txt","readme.txt","wppa-admin-functions.php","wppa-admin-local-js.php","wppa-admin.php","wppa-adminbar.php","wppa-ajax.php","researched",false,3,"# WP Photo Album Plus \u003C= 9.1.13.005 - Unauthenticated SQL Injection Research Plan\n\n## 1. Vulnerability Summary\nThe **WP Photo Album Plus** plugin for WordPress is vulnerable to **Unauthenticated SQL Injection** in versions up to and including **9.1.13.005**. The vulnerability exists because the plugin handles user-supplied parameters in AJAX actions via the `wppa_ajax_callback` function and incorporates them into SQL queries without sufficient escaping or using `$wpdb->prepare()`. Specifically, the plugin uses a custom wrapper `wppa_get_results()` which, in many instances, is called with raw SQL strings built via concatenation.\n\n## 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **WordPress Action:** `wppa` (Registered for both `wp_ajax_` and `wp_ajax_nopriv_`)\n*   **Plugin Action (sub-action):** Determined by the `wppa-action` (or sometimes `action`) parameter. Likely candidates for unauthenticated injection are `search`, `photo-list`, or `get-album-list`.\n*   **Vulnerable Parameter:** `wppa-album`, `wppa-photo`, `wppa-searchstring`, or `wppa-occur`.\n*   **Authentication:** Not required (**Unauthenticated**).\n*   **Preconditions:** Plugin version \u003C= 9.1.13.005 must be active.\n\n##","gemini-3-flash-preview","2026-06-25 22:26:13","2026-06-25 22:27:57",{"type":38,"vulnerable_version":39,"fixed_version":11,"vulnerable_browse":40,"vulnerable_zip":41,"fixed_browse":42,"fixed_zip":43,"all_tags":44},"plugin","9.1.13.005","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwp-photo-album-plus\u002Ftags\u002F9.1.13.005","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-photo-album-plus.9.1.13.005.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwp-photo-album-plus\u002Ftags\u002F9.2.01.001","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-photo-album-plus.9.2.01.001.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwp-photo-album-plus\u002Ftags"]