📦

photo_album_plugin

Vendor: wordpress

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 1.63% Exploit Prob.

Latest CVE CVE-2008-0939 Feb 25

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2008-0939

Exploit Found

Multiple SQL injection vulnerabilities in wppa.php in the WP Photo Album (WPPA) before 1.1 plugin for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the photo parameter to index.php, used by the wppa_photo_name function; or (2) the album parameter to index.php, used by the wppa_album_name function. NOTE: some of these details are obtained from third party information.

EPSS: 1.63%

Severity: HIGH

Feb 25, 2008

Displaying 1 of 1 Total Entries

Total 1 Sections