VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Abstraction: Base · Status: Stable · Likelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 33 of 275
  • CVE-2025-6989 · High · Jul 26, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the delete_font() function in all versions up to, and including, 4.21.0. This makes it possible for authenticated attackers, with Contributor-level access and…

  • CVE-2025-7640 · High · Jul 24, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The hiWeb Export Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.0.0. This is due to missing or incorrect nonce validation on the tool-dashboard-history.php file. This makes it possible for unauthenticated…

  • CVE-2025-7645 · High · Jul 22, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3.2.8. This makes it…

  • CVE-2025-4946 · High · Jul 2, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The Vikinger theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the vikinger_delete_activity_media_ajax() function in all versions up to, and including, 1.9.32. This makes it possible for authenticated attackers, with…

  • CVE-2025-39473 · High · Jun 9, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebGeniusLab Seofy Core seofy-core allows PHP Local File Inclusion. This issue affects Seofy Core: from n/a through <= 1.6.8.

  • CVE-2025-3055 · High · Jun 5, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with…

  • CVE-2025-41229 · High · May 20, 2025
    risk 0.53 · cvss 8.2 · epss 0.01

    VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.

  • CVE-2025-26692 · High · Apr 28, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, arbitrary code may be executed by a remote unauthenticated attacker with the Windows system privilege where the product is…

  • CVE-2025-3520 · High · Apr 18, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 0.1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete…

  • CVE-2025-32587 · High · Apr 11, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in pickupp WooCommerce Pickupp wc-pickupp allows PHP Local File Inclusion. This issue affects WooCommerce Pickupp: from n/a through <= 2.4.3.

  • CVE-2025-30582 · High · Apr 10, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in aytechnet DyaPress ERP/CRM dyapress allows PHP Local File Inclusion. This issue affects DyaPress ERP/CRM: from n/a through <= 18.0.2.0.

  • CVE-2025-2270 · High · Apr 4, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. This makes it possible for unauthenticated attackers to include and execute files…

  • CVE-2025-27932 · High · Mar 28, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an attacker may delete a file on the…

  • CVE-2024-54909 · High · Feb 6, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path parameter of the /api/resource/local/download endpoint, where manipulation of this parameter can lead to arbitrary file download.

  • CVE-2024-55587 · High · Dec 12, 2024
    risk 0.53 · cvss 8.8 · epss 0.02

    python-libarchive through 4.2.1 allows directory traversal (to create files) in extract in zip.py for ZipFile.extractall and ZipFile.extract.

  • CVE-2024-10516 · High · Dec 6, 2024
    risk 0.53 · cvss 8.1 · epss 0.06

    The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 2.3.7.1 via the 'ajaxify' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing…

  • CVE-2024-41971 · High · Nov 18, 2024
    risk 0.53 · cvss 8.1 · epss 0.01

    A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss.

  • CVE-2024-51990 · Critical · Nov 7, 2024
    risk 0.53 · cvss · epss 0.01

    jj, or Jujutsu, is a Git-compatible VCS written in Rust. In affected versions specially crafted Git repositories can cause `jj` to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid…

  • CVE-2024-6885 · High · Jul 23, 2024
    risk 0.53 · cvss 8.1 · epss 0.01

    The MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the maxi_remove_custom_image_size and maxi_add_custom_image_size functions in all versions up to, and…

  • CVE-2024-36267 · High · May 30, 2024
    risk 0.53 · cvss 8.1 · epss 0.01

    Path traversal vulnerability exists in Redmine DMSF Plugin versions prior to 3.1.4. If this vulnerability is exploited, a logged-in user may obtain or delete arbitrary files on the server (within the privilege of the Redmine process).