Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-07 | CVE-2025-25163 | Path Traversal vulnerability in Pluginab Plugin A/B Image Optimizer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. | 9.8 |
| 2025-02-06 | CVE-2025-0859 | Path Traversal vulnerability in Boldgrid Post and Page Builder The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. | 6.5 |
| 2025-02-06 | CVE-2025-0799 | IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories. | 6.5 |
| 2025-02-03 | CVE-2025-24605 | Path Traversal vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal. | 7.2 |
| 2025-02-03 | CVE-2025-0973 | Path Traversal vulnerability in Cmseasy 7.7.7.9 A vulnerability classified as critical was found in CmsEasy 7.7.7.9. | 6.5 |
| 2025-02-01 | CVE-2025-0365 | Path Traversal vulnerability in Artbees Jupiter X Core The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. | 6.5 |
| 2025-02-01 | CVE-2024-51534 | Path Traversal vulnerability in Dell Data Domain Operating System Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. | 7.1 |
| 2025-01-31 | CVE-2025-0493 | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. | 9.8 |
| 2025-01-30 | CVE-2025-0572 | Path Traversal vulnerability in Santesoft Sante Pacs Server Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. | 4.3 |
| 2025-01-30 | CVE-2025-0573 | Path Traversal vulnerability in Santesoft Sante Pacs Server Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. | 5.3 |