Weaknesses of type CWE-35
170 resultsCVE-2025-53561MEDIUMWordPress Prevent files / folders access Plugin <= 2.6.0 - Path Traversal VulnerabilityEPSS 0.4%CVE-2023-41793MEDIUMPath Traversal and Untrusted Upload FileEPSS 0.4%CVE-2025-48317HIGHWordPress WooCommerce Payment Gateway for Saferpay Plugin <= 0.4.9 - Path Traversal VulnerabilityEPSS 0.4%CVE-2026-7302CRITICALCVE-2026-7302EPSS 0.4%CVE-2024-0067MEDIUMMarinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allEPSS 0.4%CVE-2025-39492HIGHWordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2026-42661HIGHWordPress WP Customer Area plugin <= 8.3.4 - Path Traversal vulnerabilityEPSS 0.4%CVE-2025-69325MEDIUMWordPress Primer MyData for Woocommerce plugin <= 4.2.8 - Path Traversal vulnerabilityEPSS 0.4%CVE-2026-25705HIGHRancher Extensions have arbitrary file access via path traversalEPSS 0.4%CVE-2026-42274HIGHHeimdall: Authorization bypass via path normalization mismatchEPSS 0.4%CVE-2025-20320MEDIUMDenial of Service (DoS) through “User Interface - Views“ configuration page in Splunk EnterpriseEPSS 0.4%CVE-2025-39491HIGHWordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-48090HIGHWordPress Blanka - One Page WordPress Theme Theme < 1.5 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-8051MEDIUMPath traversal validation vulnerability has been discovered in opentext Flipper.EPSS 0.4%CVE-2025-26940MEDIUMWordPress Pie Register Premium plugin <= 3.8.3.2 - Path Traversal to Non-Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-52805HIGHWordPress Leyka plugin <= 3.32.1 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2025-43907MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 releasEPSS 0.4%CVE-2025-24907MEDIUMHitachi Vantara Pentaho Data Integration & Analytics – Path TraversalEPSS 0.4%CVE-2026-52703CRITICALWordPress FastDup plugin <= 2.7.2 - Path Traversal vulnerabilityEPSS 0.3%CVE-2026-49112HIGHWordPress Shared Files plugin <= 1.7.64 - Path Traversal vulnerabilityEPSS 0.3%