Weaknesses of type CWE-22

4,827 results
CVE-2026-48866CRITICALWordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-26752HIGHWordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2023-40026MEDIUMPath traversal allows leaking out-of-bound Helm charts from Argo CD repo-serverEPSS 0.5%CVE-2025-48744MEDIUMIn SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution.EPSS 0.5%CVE-2022-2184CAPTCHA 4WP < 7.1.0 - Local File Inclusion via CSRFEPSS 0.5%CVE-2024-23607MEDIUMF5OS QKView utility vulnerabilityEPSS 0.5%CVE-2020-37086MEDIUMEasy Transfer 1.7 for iOS - Directory TraversalEPSS 0.5%CVE-2023-46784HIGHWordPress ICS Calendar plugin <= 10.12.0.3 - SSRF and Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2026-33747HIGHBuildKit vulnerable to malicious frontend causing file escape outside of storage rootEPSS 0.5%CVE-2023-46988MEDIUMPath Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating thEPSS 0.5%CVE-2025-41755MEDIUMArbitrary Read with ubr-logreadEPSS 0.5%CVE-2024-38772MEDIUMWordPress JetWidgets for Elementor and WooCommerce plugin <= 1.1.7 - Contributor+ Limited Local File Inclusion vulnerabilityEPSS 0.5%CVE-2021-47942HIGHHome Assistant Community Store 1.10.0 Path Traversal Account TakeoverEPSS 0.5%CVE-2024-38715MEDIUMWordPress ExS Widgets plugin <= 0.3.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-45709MEDIUMSolarWinds Web Help Desk Local File Read VulnerabilityEPSS 0.5%CVE-2024-33541MEDIUMWordPress Better Elementor Addons plugin <= 1.4.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-38716MEDIUMWordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-61624MEDIUMAn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerability in Fortinet FortiOS 7.6.0 through 7EPSS 0.5%CVE-2024-13471HIGHDesignThemes Core Features <= 4.7 - Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_fileEPSS 0.5%CVE-2024-11834HIGHArbitrary File Write via PTRAC ImportEPSS 0.5%