HIGH
Husain
CVE published 2026-06-15
CVE-2016-20081
CVE-2016-20081 is a path traversal vulnerability in WordPress Plugin HB Audio Gallery Lite 1.0.0. This vulnerability allows unauthenticated attackers to download arbitrary files by manipulating the file_path parameter in requests to the audio-download.php endpoint. Attackers can use directory traversal sequences to access sensitive files like wp-config.php outside the intended gallery directory.