CVE-2016-20075

HIGH 8.8

WordPress Ultimate Product Catalog 3.8.6 Arbitrary File Upload RCE

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the Products tab custom file field and access them via the upcp-product-file-uploads directory to execute arbitrary code on the server.

CWE	CWE-863
Vendor	etoilewebdesign
Product	ultimate product catalog
Published	Jun 15, 2026

Stay Ahead of the Next One

Get instant alerts for etoilewebdesign ultimate product catalog

Be the first to know when new high vulnerabilities affecting etoilewebdesign ultimate product catalog are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Etoilewebdesign / Ultimate Product Catalog

3.8.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/40012 etoilewebdesign.com: http://www.EtoileWebDesign.com/ vulncheck.com: https://www.vulncheck.com/advisories/wordpress-ultimate-product-catalog-arbitrary-file-upload-rce

Credits

Joaquin Ramirez Martinez [ i0akiN SEC-LABORATORY ]