Total
137 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-56213 | 1 Themewinter | 1 Eventin | 2026-04-23 | N/A | 6.5 MEDIUM |
| Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.7. | |||||
| CVE-2024-56055 | 1 Vibethemes | 1 Wordpress Learning Management System | 2026-04-23 | N/A | 8.5 HIGH |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | |||||
| CVE-2024-56049 | 1 Vibethemes | 1 Wordpress Learning Management System | 2026-04-23 | N/A | 8.5 HIGH |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | |||||
| CVE-2024-56045 | 1 Vibethemes | 1 Wordpress Learning Management System | 2026-04-23 | N/A | 9.3 CRITICAL |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5. | |||||
| CVE-2024-54362 | 2026-04-23 | N/A | 8.1 HIGH | ||
| Path Traversal: '.../...//' vulnerability in boggibill GetShop ecommerce getshop-ecommerce allows Path Traversal.This issue affects GetShop ecommerce: from n/a through <= 1.3. | |||||
| CVE-2024-54216 | 1 Reputeinfosystems | 1 Arforms | 2026-04-23 | N/A | 7.7 HIGH |
| Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms arforms allows Path Traversal.This issue affects ARForms: from n/a through <= 6.4.1. | |||||
| CVE-2024-52498 | 2026-04-23 | N/A | 7.5 HIGH | ||
| Path Traversal: '.../...//' vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows PHP Local File Inclusion.This issue affects SP Blog Designer: from n/a through <= 1.0.0. | |||||
| CVE-2024-52447 | 2026-04-23 | N/A | 8.6 HIGH | ||
| Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through <= 1.6.1. | |||||
| CVE-2024-52390 | 2026-04-23 | N/A | 4.9 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.This issue affects CYAN Backup: from n/a through <= 2.5.3. | |||||
| CVE-2024-51582 | 1 Thimpress | 1 Wp Hotel Booking | 2026-04-23 | N/A | 7.5 HIGH |
| Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through <= 2.2.9. | |||||
| CVE-2024-49258 | 2026-04-23 | N/A | 6.5 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. | |||||
| CVE-2024-49249 | 2026-04-23 | N/A | 8.6 HIGH | ||
| Path Traversal: '.../...//' vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.This issue affects SMSA Shipping: from n/a through <= 2.3. | |||||
| CVE-2024-47324 | 2026-04-23 | N/A | 7.5 HIGH | ||
| Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. | |||||
| CVE-2024-38706 | 1 Hasthemes | 1 Ht Mega | 2026-04-23 | N/A | 6.5 MEDIUM |
| Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor.This issue affects HT Mega: from n/a through <= 2.5.7. | |||||
| CVE-2026-32415 | 2026-04-22 | N/A | 5.0 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal.This issue affects Squeeze: from n/a through <= 1.7.7. | |||||
| CVE-2023-7263 | 2026-04-15 | N/A | 7.3 HIGH | ||
| Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been assigned a (CVE)ID:CVE-2023-7263 | |||||
| CVE-2023-7300 | 2026-04-15 | N/A | 8.0 HIGH | ||
| Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.(Vulnerability ID:HWPSIRT-2023-60613) | |||||
| CVE-2024-0067 | 2026-04-15 | N/A | 4.3 MEDIUM | ||
| Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | |||||
| CVE-2025-0858 | 2026-04-15 | N/A | N/A | ||
| A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. | |||||
| CVE-2024-21575 | 2026-04-15 | N/A | 8.6 HIGH | ||
| ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the `image.filename` field in a POST request sent to the `/upload/temp` endpoint added by the extension to the server. This results in writing arbitrary files to the file system which may, under some conditions, result in remote code execution (RCE). | |||||