CVE-2016-20064
Status: Deferred - Pending Action
Local File Inclusion in WP Vault Plugin

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: VulnCheck

Description
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the plugin's include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitive files such as system configuration files and credentials.
Affected Vendors & Products
Vendor      Product     Version / Range
myasui      wp_vault    0.8.6.6
wp_vault    wp_vault    0.8.6.6
CWE ID    Description
CWE-98    The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
AI Quick Actions
Executive Summary

CVE-2016-20064 is a local file inclusion (LFI) vulnerability in the WordPress plugin WP Vault version 0.8.6.6. It occurs because the plugin does not properly sanitize the 'wpv-image' GET parameter before using it in an include or require statement.

Attackers can exploit this flaw by supplying directory traversal sequences (e.g., '../../../../../../../../../../etc/passwd') through the 'wpv-image' parameter, which allows them to read arbitrary files on the server.

This vulnerability can be exploited without authentication, enabling unauthorized users to access sensitive files such as system configuration files and credentials.

Impact Analysis

This vulnerability can have a significant impact because it allows unauthenticated attackers to read sensitive files on the server hosting the WP Vault plugin.

  • Unauthorized disclosure of system configuration files.
  • Exposure of credentials and other sensitive data.
  • Potentially aiding attackers in further compromising the system by gathering critical information.
Detection Guidance

This vulnerability can be detected by attempting to exploit the local file inclusion flaw through the 'wpv-image' GET parameter. You can send crafted HTTP requests containing directory traversal sequences to check if arbitrary files can be read.

  • Use curl or wget to send a request with a path traversal payload, for example: curl "http://targetsite.com/wp-content/plugins/wp-vault/?wpv-image=../../../../../../../../../../etc/passwd"
  • Monitor web server logs for suspicious requests containing directory traversal patterns in the 'wpv-image' parameter.
  • Use network intrusion detection systems (NIDS) to detect HTTP requests with suspicious traversal sequences targeting the 'wpv-image' parameter.
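As an added example that is not part of this advisory, the following Python script implements the log-monitoring guidance above: it scans combined-format access-log lines for requests whose wpv-image parameter contains traversal steps, decoding repeated percent-encoding so encoded and double-encoded variants are caught as well. The log lines are constructed samples, and the log format, IPs and timestamps are assumptions.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [09/Jun/2026:10:00:01 +0000] "GET /wp-content/plugins/wp-vault/?wpv-image=../../../../etc/passwd HTTP/1.1" 200 1842 "-" "curl/8.0"
203.0.113.5 - - [09/Jun/2026:10:00:02 +0000] "GET /wp-content/plugins/wp-vault/?wpv-image=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3011 "-" "curl/8.0"
203.0.113.5 - - [09/Jun/2026:10:00:03 +0000] "GET /wp-content/plugins/wp-vault/?wpv-image=%252e%252e%252fetc%252fshadow HTTP/1.1" 403 0 "-" "curl/8.0"
198.51.100.7 - - [09/Jun/2026:10:00:04 +0000] "GET /wp-content/plugins/wp-vault/?wpv-image=gallery/photo1.jpg HTTP/1.1" 200 54231 "-" "Mozilla/5.0"
198.51.100.7 - - [09/Jun/2026:10:00:05 +0000] "GET /wp-content/plugins/other/?file=../../etc/passwd HTTP/1.1" 404 0 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." path step delimited by a slash, backslash, or the start/end of the value.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so "%252e%252e" is judged as ".."."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def traversal_values(target):
    """Return decoded wpv-image values in the request target that contain ".." steps."""
    query = urlsplit(target).query
    hits = []
    # parse_qs already decodes one layer; fully_decode handles the remaining ones.
    for raw in parse_qs(query, keep_blank_values=True).get("wpv-image", []):
        decoded = fully_decode(raw).replace("\\", "/")
        if TRAVERSAL_RE.search(decoded):
            hits.append(decoded)
    return hits


def scan_log(text):
    """Return one finding per suspicious wpv-image value, with client IP and response status."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        for value in traversal_values(m.group("target")):
            findings.append({"ip": m.group("ip"), "status": int(m.group("status")), "value": value})
    return findings
```

A 403 is still worth alerting on, since it shows someone probing this parameter; a 200 with a non-trivial body size on a traversal value is the case to escalate. The last sample line uses a different parameter and is deliberately not flagged, because this check is scoped to the wpv-image parameter named in the advisory.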
Mitigation Strategies

Immediate mitigation steps include disabling or removing the vulnerable WP Vault plugin version 0.8.6.6 from your WordPress installation to prevent exploitation.

If removal is not immediately possible, restrict access to the vulnerable plugin directory via web server configuration to prevent unauthenticated access.

Implement input validation or sanitization on the 'wpv-image' parameter to prevent directory traversal sequences from being processed.

Monitor your system for any signs of exploitation and review logs for suspicious activity related to this vulnerability.

Compliance Impact

The vulnerability allows unauthenticated attackers to read arbitrary sensitive files, including system configuration and credentials, by exploiting a local file inclusion flaw. This unauthorized access to sensitive data could lead to violations of data protection standards and regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information from unauthorized access.

Specifically, the exposure of system configuration and credential files may result in the compromise of personal data or protected health information, thereby impacting compliance with these regulations. Organizations using the affected WP Vault plugin version 0.8.6.6 should consider this vulnerability a risk to their data security and regulatory compliance posture.
