Weaknesses of type CWE-22
4,827 resultsCVE-2026-8756MEDIUMfishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversalEPSS 0.5%CVE-2024-38704MEDIUMWordPress Team Manager plugin <= 2.1.12 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44018HIGHWordPress Instant Chat WP plugin <= 1.0.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44011HIGHWordPress WP Ticket Ultra plugin <= 1.0.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-3330—Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,EPSS 0.5%CVE-2024-35781MEDIUMWordPress Word Balloon plugin <= 4.21.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-45253HIGHAvigilon – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.5%CVE-2026-36726MEDIUMAn arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of bookcars v8.3 allows unauthenticated attackers tEPSS 0.5%CVE-2024-44012HIGHWordPress WP Newsletter Subscription plugin <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-13265MEDIUMlsfusion platform ZipUtils.java unpackFile path traversalEPSS 0.5%CVE-2024-44015HIGHWordPress Users Control plugin <= 1.0.16 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44034HIGHWordPress WPSPX plugin <= 1.0.2 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44016HIGHWordPress Podiant plugin <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-47916HIGHBoa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.5%CVE-2024-44017HIGHWordPress MH Board plugin <= 1.3.2.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-42351HIGHpygeoapi: Path Traversal in STAC FileSystemProviderEPSS 0.5%CVE-2024-49285HIGHWordPress SSV MailChimp plugin <= 3.1.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-22663HIGHWordPress Paid Videochat Turnkey Site plugin <= 7.2.12 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-66905HIGHThe Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths before resolving them against the filesystEPSS 0.5%CVE-2024-52449HIGHWordPress WordPress Bootscraper plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%