Weaknesses of type CWE-22

4,816 results
CVE-2025-62353CRITICALA path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read and write arbitrary local files in and outEPSS 0.6%CVE-2025-8141HIGHRedirection for Contact Form 7 <= 3.2.4 - Unauthenticated Arbitrary File DeletionEPSS 0.6%CVE-2024-37108HIGHWordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-5509MEDIUMquequnlong shiyi-blog upload path traversalEPSS 0.6%CVE-2026-23536HIGHFeast: unauthenticated arbitrary file readEPSS 0.6%CVE-2024-11585HIGHWP Hide & Security Enhancer <= 2.5.1 - Missing Authorization to Unauthenticated Arbitrary File Contents DeletionEPSS 0.6%CVE-2025-42977HIGHDirectory Traversal vulnerability in SAP NetWeaver Visual ComposerEPSS 0.6%CVE-2024-2203MEDIUMThe Plus Addons for Elementor <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Clients WidgetEPSS 0.6%CVE-2026-6248HIGHwpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Arbitrary File Deletion via Custom Profile Field File PathEPSS 0.6%CVE-2024-31231CRITICALWordPress Rehub theme <= 19.6.1 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-12060HIGHKeras keras.utils.get_file Utility Path Traversal VulnerabilityEPSS 0.6%CVE-2025-7098MEDIUMComodo Internet Security Premium File Name path traversalEPSS 0.6%CVE-2026-27489HIGHONNX: Path Traversal via SymlinkEPSS 0.6%CVE-2026-40086MEDIUMRembg has a Path Traversal via Custom Model LoadingEPSS 0.6%CVE-2025-12638HIGHPath Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file()EPSS 0.6%CVE-2026-1588MEDIUMjishenghua jshERP installByPath install path traversalEPSS 0.6%CVE-2025-32950MEDIUMio.jmix.localfs:jmix-localfs has a Path Traversal in Local File StorageEPSS 0.6%CVE-2024-6141HIGHWindscribe Directory Traversal Local Privilege Escalation VulnerabilityEPSS 0.6%CVE-2023-25050HIGHWordPress Shortcodes Ultimate plugin <= 5.12.6 - Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2026-48020HIGHTraefik StripPrefix Route-Level Auth Bypass via Path NormalizationEPSS 0.6%