Description
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows remote authenticated administrators to execute arbitrary SQL commands via the tableprefix parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contextual Related Posts Cross-Site Request Forgery (2.9.3)
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-49586)
XWikiplatform Other Vulnerability (CVE-2024-46978)
Internet Information Services Other Vulnerability (CVE-1999-0253)
Oracle JRE Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-22018)