13 matches found
CVE-2026-35483
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...
CVE-2022-50992 Weaver E-cology 9.5 Unauthenticated Arbitrary File Read via XmlRpcServlet
Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...
CVE-2022-50992 Weaver E-cology 9.5 Unauthenticated Arbitrary File Read via XmlRpcServlet
Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...
EUVD-2026-19665
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...
CVE-2026-35483 text-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authentication
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in load_template() allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...
PT-2026-8389
Name of the Vulnerable Software and Affected Versions: WP Maps – Store Locator, Google Maps, OpenStreetMap, Mapbox, Listing, Directory & Filters plugin for WordPress versions prior to 4.8.7 Description: The WP Maps plugin for WordPress is susceptible to a Local File Inclusion issue. This allows...
CVE-2025-12493
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.2.5 via the 'load_template' function. This makes it possible for unauthenticated...
CVE-2025-12493 ShopLentor <= 3.2.5 - Unauthenticated Local PHP File Inclusion via 'load_template'
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.2.5 via the 'load_template' function. This makes it possible for unauthenticated...
VulnCheck KEV: CVE-2025-2294
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via the kubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing...
PT-2022-24984 · WordPress · Ultimate Member Plugin
Name of the Vulnerable Software and Affected Versions: Ultimate Member Plugin versions up to 2.5.0 Description: A critical issue has been found in the Template Handler component, specifically affecting the load template function of the file includes/core/class-shortcodes.php. The manipulation of...
CVE-2022-3966 Ultimate Member Plugin Template class-shortcodes.php load_template pathname traversal
A vulnerability, which was classified as critical, has been found in Ultimate Member Plugin up to 2.5.0. This issue affects the function load_template of the file includes/core/class-shortcodes.php of the component Template Handler. The manipulation of the argument tpl leads to pathname traversal...
CVE-2018-7768
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter...
Directory traversal
Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary PHP files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php...