CRITICAL
Jacob N. Breetvelt
CVE published 2026-06-15
CVE-2026-39511
CVE-2026-39511 is a critical unauthenticated SQL injection vulnerability in WP Photo Album Plus versions <= 9.1.08.001. The vulnerability has a CVSS score of 9.3 and is considered critical. It was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-39511) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2026-39511).