CVE-2016-20077

MEDIUM

WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-20077. PoCs published by CrashBandicot.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in the WordPress Photocart Link plugin (version 1.6). The vulnerability exists in the 'decode.php' file, which decodes a base64-encoded path from the 'id' parameter and reads the file without proper validation, allowing arbitrary file access.

Description

WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoint to retrieve sensitive files like wp-config.php containing database credentials and configuration data.

Exploits (1)

exploitdb WORKING POC VERIFIED

by CrashBandicot · textwebappsphp

https://www.exploit-db.com/exploits/39623

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in the WordPress Photocart Link plugin (version 1.6). The vulnerability exists in the 'decode.php' file, which decodes a base64-encoded path from the 'id' parameter and reads the file without proper validation, allowing arbitrary file access.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress Plugin Photocart Link 1.6

No auth needed

Prerequisites: WordPress installation with Photocart Link plugin version 1.6

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Jun 15, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit

ExploitDB-39623

https://www.exploit-db.com/exploits/39623

Product product

Official Product Homepage

https://fr.wordpress.org/plugins/photocart-link/

Third Party Advisory third-party-advisory

VulnCheck Advisory: WordPress Plugin Photocart Link 1.6 Local File Inclusion via decode.php

https://www.vulncheck.com/advisories/wordpress-plugin-photocart-link-local-file-inclusion-via-decode-php

Scores

CVSS v3 6.2

EPSS 0.0037

EPSS Percentile 29.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-98

Status published

Products (1)

KaymeePhotography/Photocart Link 1.6

Published Jun 15, 2026

Tracked Since Jun 15, 2026