9941 matches found
EUVD-2026-39492
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...
Nevma Adaptive Images - Arbitrary File Deletion
Nevma Adaptive Images plugin before 0.6.67 for WordPress contains an arbitrary file deletion caused by unsanitized input in adaptive-images-script.php, letting remote attackers delete arbitrary files, exploit requires sending specific request parameters. id: CVE-2019-14206 info: name: Nevma...
Telesquare TLR-2855KS6 - Arbitrary File Deletion
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts. id: CVE-2021-46419 info: name: Telesquare TLR-2855KS6 - Arbitrary File Deletion author: DhiyaneshDK severity: critical description: | An unauthorized file deleti...
WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete...
Kaswara Modern VC Addons <= 3.0.1 - Missing Authorization
The Kaswara Modern VC Addons plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.0.1 due to insufficient capability checking on various AJAX actions. This makes it possible for unauthenticated attackers to perform a wide variety of unauthorized actions...
NCBI ToolBox - Directory Traversal
NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which may result in reading of arbitrary files i.e., significant information disclosure or file deletion via the nph-viewgif.cgi query string. id: CVE-2018-16716 info: name: NCBI ToolBox -...
Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion
Wordpress Quiz and Survey Master 7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsmremovefilefdquestion, which allowed...
CVE-2026-56066
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...
CVE-2026-57321
The CVE-2026-57321 entry concerns the WordPress H5P plugin versions up to 1.17.7, describing an Arbitrary File Deletion vulnerability. The connected documents confirm the affected product (H5P WordPress plugin) and the issue type (arbitrary file deletion) with a CVSS v3.1 base score of 7.1 (High)...
EUVD-2026-39733
Contributor Arbitrary File Deletion in H5P = 1.17.7 versions...
EUVD-2026-39719
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...
CVE-2026-56066 WordPress ShortPixel Adaptive Images plugin <= 3.11.4 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images = 3.11.4 versions...
CVE-2026-56054
CVE-2026-56054 affects the WordPress JS Help Desk plugin (versions <= 3.1.1). The vulnerability allows Arbitrary File Deletion within the plugin, with impact described as high (availability impact) and CVSS 3.1 base score 7.7. The advisory does not provide root cause specifics or remediation s...
EUVD-2026-39383
Subscriber Arbitrary File Deletion in JS Help Desk = 3.1.1 versions...
CVE-2026-56054 WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability
Subscriber Arbitrary File Deletion in JS Help Desk = 3.1.1 versions...
EUVD-2026-39113
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL...
EUVD-2026-39112
ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-9774
ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-9775
ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadSSL...
CVE-2026-9775
CVE-2026-9775 concerns ATEN Unizon uploadSSL, where a directory traversal flaw allows an attacker to delete arbitrary files due to improper validation of a user-supplied path in file operations. The vulnerability can result in file deletion or denial-of-service, with authentication required and n...