VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-13
CVE-2025-1785
The Download Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.08 via the 'wpdm_newfile' action.
network
low complexity
CWE-22
5.4
5.4
2025-03-12
CVE-2025-2215
A vulnerability classified as critical was found in Doufox up to 0.2.0.
network
low complexity
CWE-22
4.7
4.7
2025-03-11
CVE-2025-2193
Path Traversal vulnerability in Mrcms 3.1.2
A vulnerability has been found in MRCMS 3.1.2 and classified as critical.
network
low complexity
mrcms
CWE-22
8.1
8.1
2025-03-11
CVE-2025-27395
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0).
network
low complexity
CWE-22
7.2
7.2
2025-03-11
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0).
network
low complexity
CWE-22
3.8
3.8
2025-03-11
CVE-2025-1661
Path Traversal vulnerability in Pluginus Husky - products Filter Professional for Woocommerce
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the woof_text_search AJAX action.
network
low complexity
pluginus
CWE-22
critical
9.8
9.8
2025-03-07
CVE-2024-10804
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file.
network
low complexity
CWE-22
7.5
7.5
2025-03-07
CVE-2024-12035
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cs_widget_file_delete() function in all versions up to, and including, 6.9.
network
low complexity
CWE-22
8.8
8.8
2025-03-06
CVE-2025-2032
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2.
low complexity
CWE-22
3.5
3.5
2025-03-06
CVE-2024-13897
The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22.
network
low complexity
CWE-22
6.5
6.5
«
Previous
1
2
...
4
5
6
(current)
7
8
...
377
378
»
Next