Description

WordPress Dharma Booking 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attackers can supply file paths with directory traversal sequences or null byte injection to the gateway parameter in proccess.php to read sensitive files like configuration and system files.

PUBLISHED | Reserved 2026-06-15 | Published 2026-06-15 | Updated 2026-06-15 | Assigner VulnCheck




MEDIUM: 6.9 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)
MEDIUM: 6.2 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Problem types

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Product status

Any version: affected

Credits

AMAR^SHG finder

References

www.exploit-db.com/exploits/39592 (ExploitDB-39592) exploit

wordpress.org/plugins/dharma-booking/ (Official Product Homepage) product

www.vulncheck.com/...g-local-file-inclusion-via-proccess-php (VulnCheck Advisory: WordPress Dharma Booking 2.28.3 Local File Inclusion via proccess.php) third-party-advisory

cve.org (CVE-2016-20079)

nvd.nist.gov (CVE-2016-20079)