VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> External Control of File Name or Path
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-21
CVE-2024-12875
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.2 via the file download functionality.
network
low complexity
CWE-73
4.9
4.9
2024-12-21
CVE-2024-12066
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.2.
network
low complexity
CWE-73
8.8
8.8