CVE-2017-20250 HIGH

CVE-2017-20250: WordPress Plugin Mac Photo Gallery 3.0 Arbitrary File Download

Vendor Apptha
Product Mac Photo Gallery
Weakness CWE-22 · Path traversal
Published June 9, 2026
Last update June 9, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the albid parameter. Attackers can send requests to macdownload.php with directory traversal sequences to access sensitive files like wp-load.php outside the intended plugin directory.

Explanation of Vulnerability in Simple Terms

02Summary

Mac Photo Gallery versions 3.0 and later contain a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files from the server through specially crafted requests. No user interaction is required. The vulnerability affects file confidentiality but not integrity or availability.

What an attacker can do

03Attacker Capabilities

Read arbitrary files from the server, including configuration files and sensitive data.

Potential impact on your site

04Site Impact

Attackers can access sensitive files like database credentials, configuration, and private user data without logging in.

Conditions required to exploit

05Prerequisites

Network access to the application; no authentication or user interaction required.

Key dates

06Disclosure timeline

June 9, 2026 CVE published
June 9, 2026 Record updated

Related vulnerabilities

08Related CVE