Weaknesses of type CWE-22

4,809 results
CVE-2026-25785CRITICALPath traversal vulnerability exists in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow aEPSS 0.6%CVE-2025-23819HIGHWordPress WP Cloud plugin <= 1.4.3 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-30793HIGHWordPress Houzez Property Feed plugin <= 2.5.4 - Arbitrary File Download VulnerabilityEPSS 0.6%CVE-2025-30882HIGHWordPress JS Help Desk plugin <= 2.9.1 - Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2018-25393HIGHNavigate CMS 2.8.5 Path Traversal via navigate_download.phpEPSS 0.6%CVE-2026-33242HIGHSalvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway BypassEPSS 0.6%CVE-2024-8165MEDIUMChengdu Everbrite Network Technology BeikeShop export exportZip path traversalEPSS 0.6%CVE-2024-52371HIGHWordPress Global Gateway e4 plugin <= 2.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-8815MEDIUM猫宁i Morning Shiro Configuration index path traversalEPSS 0.6%CVE-2026-42196CRITICALdjango-s3file: Relative path traversalEPSS 0.6%CVE-2025-5993CRITICALPath Traversal in ITCube CRMEPSS 0.6%CVE-2025-10986MEDIUMPath traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker withEPSS 0.6%CVE-2026-9102CRITICALPath Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File WriteEPSS 0.6%CVE-2026-7403MEDIUMgeldata gel-mcp server.py fetch_rule path traversalEPSS 0.6%CVE-2024-37513HIGHWordPress WPCafe plugin <= 2.2.27 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-9215MEDIUMStoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File DownloadEPSS 0.6%CVE-2025-3686MEDIUMmisstt123 oasys show image path traversalEPSS 0.6%CVE-2023-51401MEDIUMWordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2024-51958MEDIUMDirectory traversal vulnerability in the admin api for service thumbnailsEPSS 0.6%CVE-2024-56286HIGHWordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Local File Inclusion vulnerabilityEPSS 0.6%