Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2025-02-18 CVE-2024-13535 Path Traversal vulnerability in Marcoingraiti Actionwear products Sync
The Actionwear products sync plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.3.0.
network
low complexity
marcoingraiti CWE-22
5.3
5.3
2025-02-18 CVE-2024-13538 Path Traversal vulnerability in Bigbuy Dropshipping Connector for Woocommerce
The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.9.19.
network
low complexity
bigbuy CWE-22
5.3
5.3
2025-02-18 CVE-2024-13725 Path Traversal vulnerability in Keap Official OPT in Forms
The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter.
network
low complexity
keap CWE-22
critical
 9.8
9.8
2025-02-16 CVE-2025-1357 A vulnerability classified as problematic has been found in Seventh D-Guard up to 20250206.
network
low complexity
CWE-22
4.3
4.3
2025-02-16 CVE-2025-1336 Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic.
network
low complexity
cmseasy CWE-22
8.1
8.1
2025-02-16 CVE-2025-1335 Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9.
network
low complexity
cmseasy CWE-22
8.1
8.1
2025-02-15 CVE-2025-0822 Path Traversal vulnerability in Bitapps BIT Assist 1.1.9
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter.
network
low complexity
bitapps CWE-22
6.5
6.5
2025-02-14 CVE-2024-56477 IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-02-14 CVE-2024-13791 Path Traversal vulnerability in Bitapps BIT Assist 1.1.9
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function.
network
low complexity
bitapps CWE-22
4.9
4.9
2025-02-12 CVE-2025-1228 A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6.
network
low complexity
CWE-22
4.3
4.3