Grand Photography WordPress <= 5.7.8 - Unauthenticated PHP Object Injection
Grand Photography WordPress has a PHP object injection issue. An unauthenticated attacker may trigger unsafe code paths. No patch is known, so remove or replace it until fixed.
Quick answer
Grand Photography WordPress should be reviewed and updated if it matches the affected versions. The recommended fix is to apply the vendor-supported patched version or the mitigation steps below, then retest the public website with Fixnx.
Who is affected
Affected versions
- Grand Photography WordPress up to and including 5.7.8
Fixed versions
- No known patched version is available; remove or replace Grand Photography WordPress until a vendor fix is released
How to fix it
Grand Photography WordPress has no known patch for this issue. The safest fix is to remove it or replace it until the vendor releases a fixed version.
- Back up the site and database.
- Disable and remove Grand Photography WordPress.
- Replace it with a maintained plugin or theme if the feature is still needed.
- Review admin users, uploaded files, and recent site changes for abuse.
Scan now. Google sign-in is only needed to unlock fix guidance.
Verify the fix
- Confirm Grand Photography WordPress is no longer active on the site.
- Run a new scan and confirm the CVE is no longer reported.
Related categories
Trusted references
FAQ
What is affected by CVE-2026-57770?
Grand Photography WordPress versions listed as affected should be reviewed: Grand Photography WordPress up to and including 5.7.8.
What should I fix first?
Start with internet-facing sites, admin panels, login flows, plugins, themes, modules, packages, and systems that process user-controlled input or sensitive data.
How do I confirm the fix worked?
Apply the patched version or mitigation, clear caches where relevant, retest the affected workflow, and run a new Fixnx scan to verify public website exposure signals.
How are Fixnx security risk categories chosen?
Fixnx keeps one canonical risk page and assigns only broad, relevant categories such as ecosystem, technology area, or vulnerability class.
