Total
156 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56055 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-23 | 8.5 High |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56049 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-23 | 8.5 High |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56045 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-23 | 9.3 Critical |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5. | ||||
| CVE-2024-54362 | 2026-04-23 | 8.1 High | ||
| Path Traversal: '.../...//' vulnerability in boggibill GetShop ecommerce getshop-ecommerce allows Path Traversal.This issue affects GetShop ecommerce: from n/a through <= 1.3. | ||||
| CVE-2024-54313 | 2026-04-23 | 6.5 Medium | ||
| Path Traversal: '.../...//' vulnerability in FULL. FULL Customer full-customer allows Path Traversal.This issue affects FULL Customer: from n/a through <= 3.1.25. | ||||
| CVE-2024-54216 | 1 Reputeinfosystems | 1 Arforms | 2026-04-23 | 7.7 High |
| Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms arforms allows Path Traversal.This issue affects ARForms: from n/a through <= 6.4.1. | ||||
| CVE-2024-52498 | 1 Softpulse Infotech | 1 Sp Blog Designer | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows PHP Local File Inclusion.This issue affects SP Blog Designer: from n/a through <= 1.0.0. | ||||
| CVE-2024-52447 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.6 High |
| Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through <= 1.6.1. | ||||
| CVE-2024-52390 | 2026-04-23 | 4.9 Medium | ||
| Path Traversal: '.../...//' vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.This issue affects CYAN Backup: from n/a through <= 2.5.3. | ||||
| CVE-2024-51582 | 1 Thimpress | 1 Wp Hotel Booking | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through <= 2.2.9. | ||||
| CVE-2024-49258 | 2026-04-23 | 6.5 Medium | ||
| Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. | ||||
| CVE-2024-49249 | 2026-04-23 | 8.6 High | ||
| Path Traversal: '.../...//' vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.This issue affects SMSA Shipping: from n/a through <= 2.3. | ||||
| CVE-2024-47324 | 1 Ex-themes | 1 Wp Timeline | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. | ||||
| CVE-2024-38706 | 1 Hasthemes | 1 Ht Mega | 2026-04-23 | 6.5 Medium |
| Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.5.7. | ||||
| CVE-2025-64676 | 1 Microsoft | 2 Office Purview, Purview | 2026-04-20 | 7.2 High |
| '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-1763 | 1 Ge Vernova | 1 Enervista | 2026-04-17 | 4.6 Medium |
| Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions. | ||||
| CVE-2026-26124 | 1 Microsoft | 3 Aci Confidential Containers, Confidental Containers, Microsoft Aci Confidential Containers | 2026-04-15 | 6.7 Medium |
| '.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2023-7263 | 2026-04-15 | 7.3 High | ||
| Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been assigned a (CVE)ID:CVE-2023-7263 | ||||
| CVE-2023-7300 | 2026-04-15 | 8 High | ||
| Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.(Vulnerability ID:HWPSIRT-2023-60613) | ||||
| CVE-2025-24908 | 2026-04-15 | 6.8 Medium | ||
| Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. (CWE-35) Description Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.2, including 9.3.x and 8.3.x, do not sanitize a user input used as a file path through the UploadFile service. Impact This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. | ||||