6 matches found
CVE-2026-14372
The Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteFiles function in all versions up to, and including, 3.1.1 This makes it possible for...
EUVD-2024-17369
Malicious code in bioql PyPI...
CVE-2024-1629
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...
PT-2024-11774 · Fdupes +1 · Fdupes +1
Name of the Vulnerable Software and Affected Versions: FDUPES versions prior to 2.2.0 Description: A TOCTOU race condition in the deletefiles function allows for arbitrary file deletion via a symlink. Recommendations: For FDUPES versions prior to 2.2.0, update to version 2.2.0 or later to resolve...
CVE-2022-2431
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to insufficient file type and path validation on the deleteFiles function found in the /Admin/Menu/Packages.php file that triggers upon download post deletion...