Title: PHP Code execution vulnerability
Last modified: August 21, 2016

---

# PHP Code execution vulnerability

 *  Resolved [cervoise](https://wordpress.org/support/users/cervoise/)
 * (@cervoise)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/php-code-execution-vulnerability/)
 * Hi,
 * I’ve noticied to [plugins@wordpress.org](https://wordpress.org/support/topic/php-code-execution-vulnerability/plugins@wordpress.org?output_format=md)
   a vulnerability in your plugin. It allows remote php code execution for users
   with some rigths on photo album.
 * Did you get the info?
 * [http://wordpress.org/plugins/wp-photo-album-plus/](http://wordpress.org/plugins/wp-photo-album-plus/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [Jacob N. Breetvelt](https://wordpress.org/support/users/opajaap/)
 * (@opajaap)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/php-code-execution-vulnerability/#post-4243368)
 * No i did not, please mail me: opajaap at opajaap dot nl with details
 *  Plugin Author [Jacob N. Breetvelt](https://wordpress.org/support/users/opajaap/)
 * (@opajaap)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/php-code-execution-vulnerability/#post-4243425)
 * You would please me very much with detailed info on mail address opajaap at opajaap
   dot nl
 *  Plugin Author [Jacob N. Breetvelt](https://wordpress.org/support/users/opajaap/)
 * (@opajaap)
 * [12 years, 7 months ago](https://wordpress.org/support/topic/php-code-execution-vulnerability/#post-4243427)
 * Fixed in version 5.1.13. Uploading zipfiles is now restricted to administrators
   only. For security reasons.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘PHP Code execution vulnerability’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wp-photo-album-plus.svg)
 * [WP Photo Album Plus](https://wordpress.org/plugins/wp-photo-album-plus/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-photo-album-plus/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-photo-album-plus/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-photo-album-plus/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-photo-album-plus/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-photo-album-plus/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [Jacob N. Breetvelt](https://wordpress.org/support/users/opajaap/)
 * Last activity: [12 years, 7 months ago](https://wordpress.org/support/topic/php-code-execution-vulnerability/#post-4243427)
 * Status: resolved