What the vulnerability does
01Description
WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wp_abspath parameter. Attackers can supply path traversal sequences or remote URLs through the wp_abspath parameter to read sensitive files like wp-config.php or execute remote code.
Explanation of Vulnerability in Simple Terms
02Summary
Brandfolder versions 3.0 and earlier contain a local information disclosure vulnerability. An attacker with local access to the system can read sensitive data without requiring authentication or user interaction. The vulnerability affects confidentiality but not integrity or availability. Update to a version newer than 3.0.
What an attacker can do
03Attacker Capabilities
Read sensitive information from the local system without authentication.
Potential impact on your site
04Site Impact
If Brandfolder is deployed on your infrastructure, local users or processes can access confidential data.
Conditions required to exploit
05Prerequisites
Local access to the system where Brandfolder is installed.
Key dates
06Disclosure timeline
June 15, 2026
CVE published
June 15, 2026
Record updated