VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Base · Stable · Likelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 19 of 275
  • CVE-2025-40629 · High · May 16, 2025
    risk 0.57 · cvss not listed · epss 0.01

    PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulating file paths in HTTP requests. Specifically, the application is vulnerable to requests that access sensitive files outside the…

  • CVE-2025-4564 · Critical · May 15, 2025
    risk 0.57 · cvss 9.8 · epss 0.01

    The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete…

  • CVE-2025-2158 · High · May 10, 2025
    risk 0.57 · cvss 8.8 · epss 0.01

    The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. This makes it possible for authenticated attackers, with…

  • CVE-2025-2817 · High · Apr 29, 2025
    risk 0.57 · cvss 8.8 · epss 0.01

    Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing…

  • CVE-2025-3404 · High · Apr 19, 2025
    risk 0.57 · cvss 8.8 · epss 0.01

    The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the savePackage function in all versions up to, and including, 3.3.12. This makes it possible for authenticated attackers, with Author-level access and…

  • CVE-2025-3021 · High · Mar 31, 2025
    risk 0.57 · cvss not listed · epss 0.00

    Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint.

  • CVE-2025-27718 · High · Mar 28, 2025
    risk 0.57 · cvss 8.8 · epss 0.01

    Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file upload process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained…

  • CVE-2025-2505 · Critical · Mar 20, 2025
    risk 0.57 · cvss 9.8 · epss 0.01

    The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution…

  • CVE-2024-13725 · Critical · Feb 18, 2025
    risk 0.57 · cvss 9.8 · epss 0.01

    The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any…

  • CVE-2024-48914 · Critical · Oct 15, 2024
    risk 0.57 · cvss 9.1 · epss 0.60

    Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files,…

  • CVE-2024-7146 · High · Aug 16, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and…

  • CVE-2024-28698 · Critical · Jul 22, 2024
    risk 0.57 · cvss 9.8 · epss 0.01

    Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component.

  • CVE-2024-5456 · High · Jul 9, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    The Panda Video plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.0 via the 'selected_button' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute…

  • CVE-2024-2385 · High · Jul 4, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.4 via several of the plugin's widgets through the 'style' attribute. This makes it possible for authenticated attackers, with contributor-level…

  • CVE-2024-4098 · Critical · Jun 20, 2024
    risk 0.57 · cvss 9.8 · epss 0.01

    The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uu_fetch_sharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the…

  • CVE-2024-5179 · High · Jun 6, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'item_style' and 'style' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to…

  • CVE-2024-33628 · High · Jun 4, 2024
    risk 0.57 · cvss 8.8 · epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in XforWooCommerce allows PHP Local File Inclusion. This issue affects XforWooCommerce: from n/a through 2.0.2.

  • CVE-2024-5147 · Critical · May 22, 2024
    risk 0.57 · cvss 9.8 · epss 0.01

    The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.37 via the 'grid_style' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary…

  • CVE-2023-5504 · High · Jan 11, 2024
    risk 0.57 · cvss 8.7 · epss 0.01

    The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server.…

  • CVE-2023-2278 · Critical · Jun 13, 2023
    risk 0.57 · cvss 9.8 · epss 0.02

    The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdk_public_action' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any…