CVE-2016-20077 - Vulnerability Details

- WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php

Description

WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoint to retrieve sensitive files like wp-config.php containing database credentials and configuration data.

Published: 2026-06-15

Score: 6.9 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

KaymeePhotography

Photocart Link

affected

Version	Status	Constraints
`1.6`	affected	—

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://fr.wordpress.org/plugins/photocart-link/
https://www.exploit-db.com/exploits/39623
https://www.vulncheck.com/advisories/wordpress-plugin-photocart-link-local-file-inclusion-via-decode-php

History

Mon, 15 Jun 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 15 Jun 2026 14:00:00 +0000

Type	Values Removed	Values Added
Description		WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoint to retrieve sensitive files like wp-config.php containing database credentials and configuration data.
Title		WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php
Weaknesses		CWE-98
References		https://fr.wordpress.org/plugins/photocart-link/ https://www.exploit-db.com/exploits/39623 https://www.vulncheck.com/advisories/wordpress-plugin-photocart-link-local-file-inclusion-via-decode-php
Metrics		cvssV3_1 `{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2026-06-15T12:00:45.076Z

Updated: 2026-06-15T15:13:23.880Z

Reserved: 2026-06-15T11:44:39.821Z

Link: CVE-2016-20077

Vulnrichment

Updated: 2026-06-15T15:13:18.628Z

NVD

Status : Received

Published: 2026-06-15T14:16:31.077

Modified: 2026-06-15T14:16:31.077

Link: CVE-2016-20077

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object