CVE-2016-20077
Received Received - Intake
Local File Inclusion in Photocart Link WordPress Plugin

Publication date: 2026-06-15

Last updated on: 2026-06-15

Assigner: VulnCheck

Description
WordPress Plugin Photocart Link 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php. Attackers can supply base64-encoded file paths in the 'id' parameter to the decode.php endpoint to retrieve sensitive files like wp-config.php containing database credentials and configuration data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-15
Last Modified
2026-06-15
Generated
2026-06-15
AI Q&A
2026-06-15
EPSS Evaluated
N/A
NVD
CVE-2016-20077
EUVD
EUVD-2016-10889
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
kaymeephotography photocart_link 1.6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-98 The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The WordPress Plugin Photocart Link version 1.6 contains a local file inclusion (LFI) vulnerability due to improper input validation in the decode.php file.

This vulnerability allows unauthenticated attackers to read arbitrary files on the server by supplying base64-encoded file paths via the 'id' parameter to the decode.php endpoint.

By exploiting this flaw, attackers can access sensitive files such as wp-config.php, which contains database credentials and configuration details.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information stored on the server.

  • Attackers can read critical configuration files like wp-config.php.
  • Exposure of database credentials and other configuration data can enable further attacks on the website or database.
  • Since the vulnerability is exploitable without authentication, any remote attacker can potentially exploit it.
Detection Guidance

This vulnerability can be detected by checking for HTTP requests to the decode.php file of the Photocart Link plugin that include a base64-encoded 'id' parameter. Such requests may indicate attempts to exploit the local file inclusion flaw.

A practical detection method is to monitor web server logs for GET requests to decode.php with suspicious base64-encoded parameters.

  • Use grep or similar tools to search access logs for requests to decode.php containing the 'id' parameter, for example: grep "decode.php?id=" /var/log/apache2/access.log
  • Decode the base64 'id' parameter values found in logs to check if they reference sensitive files like '../wp-config.php'.
  • Example command to decode a base64 string (replace BASE64_STRING with the actual string): echo BASE64_STRING | base64 --decode
Mitigation Strategies

Immediate mitigation steps include disabling or removing the vulnerable Photocart Link plugin version 1.6 from your WordPress installation.

If removal is not immediately possible, restrict access to the decode.php file to trusted users only, for example by using web server access controls or firewall rules.

Monitor your logs for suspicious requests targeting decode.php and investigate any unauthorized access attempts.

Consider updating or replacing the plugin with a secure alternative, as the plugin is no longer maintained.

Compliance Impact

This vulnerability allows unauthenticated attackers to read arbitrary files on the server, including sensitive files such as wp-config.php which contain database credentials and configuration data.

Unauthorized disclosure of such sensitive information could lead to violations of data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive data against unauthorized access.

Therefore, exploitation of this vulnerability may result in non-compliance with these common standards and regulations due to the exposure of confidential information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2016-20077. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart