CVE-2016-20080 MEDIUM

CVE-2016-20080: WordPress Brandfolder Plugin 3.0 Local File Inclusion via callback.php

Vendor Brandfolder
Product Brandfolder
Weakness CWE-98 · PHP file inclusion
Published June 15, 2026
Last update June 15, 2026

CVSS base score

6.9/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wp_abspath parameter. Attackers can supply path traversal sequences or remote URLs through the wp_abspath parameter to read sensitive files like wp-config.php or execute remote code.

Explanation of Vulnerability in Simple Terms

02Summary

Brandfolder versions 3.0 and earlier contain a local information disclosure vulnerability. An attacker with local access to the system can read sensitive data without requiring authentication or user interaction. The vulnerability affects confidentiality but not integrity or availability. Update to a version newer than 3.0.

What an attacker can do

03Attacker Capabilities

Read sensitive information from the local system without authentication.

Potential impact on your site

04Site Impact

If Brandfolder is deployed on your infrastructure, local users or processes can access confidential data.

Conditions required to exploit

05Prerequisites

Local access to the system where Brandfolder is installed.

Key dates

06Disclosure timeline

June 15, 2026 CVE published
June 15, 2026 Record updated

Related vulnerabilities

08Related CVE