CVE-2023-36822
CVE-2023-36822 affects Uptime Kuma prior to 1.22.1. A path traversal vulnerability exists in the plugin installation flow: authenticated users can trigger removal checks on the plugin installation directory (via API endpoints still available after login) and, because plugins aren’t validated/sani...