Falhas do tipo CWE-22
4.836 resultadosCVE-2026-8442HIGHWP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) Arbitrary File Deletion via 'myaction' ParameterEPSS 0.5%CVE-2024-39688MEDIUMfishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config functionEPSS 0.5%CVE-2024-41726HIGHPath traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary eEPSS 0.5%CVE-2025-26752HIGHWordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-29787HIGHzip Vulnerable to Incorrect Path Canonicalization During Archive Extraction, Leading to Arbitrary File WriteEPSS 0.5%CVE-2026-33656CRITICALEspoCRM vulnerable to authenticated RCE via Formula with path traversal in attachment `sourceId`, exploitable by admin userEPSS 0.5%CVE-2026-25869MEDIUMMiniGal Nano <= 0.3.5 Path Traversal via dir ParameterEPSS 0.5%CVE-2023-40026MEDIUMPath traversal allows leaking out-of-bound Helm charts from Argo CD repo-serverEPSS 0.5%CVE-2026-48866CRITICALWordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2023-46784HIGHWordPress ICS Calendar plugin <= 10.12.0.3 - SSRF and Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2022-2184—CAPTCHA 4WP < 7.1.0 - Local File Inclusion via CSRFEPSS 0.5%CVE-2025-48744MEDIUMIn SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution.EPSS 0.5%CVE-2024-23607MEDIUMF5OS QKView utility vulnerabilityEPSS 0.5%CVE-2020-37086MEDIUMEasy Transfer 1.7 for iOS - Directory TraversalEPSS 0.5%CVE-2023-46988MEDIUMPath Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating thEPSS 0.5%CVE-2024-33541MEDIUMWordPress Better Elementor Addons plugin <= 1.4.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2021-47942HIGHHome Assistant Community Store 1.10.0 Path Traversal Account TakeoverEPSS 0.5%CVE-2024-38716MEDIUMWordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-45709MEDIUMSolarWinds Web Help Desk Local File Read VulnerabilityEPSS 0.5%CVE-2024-13471HIGHDesignThemes Core Features <= 4.7 - Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_fileEPSS 0.5%