EUVD-2022-48683

Malicious code in bioql PyPI...

CVE-2025-8562

The Custom Query Shortcode plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.4.0 via the 'lens' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of files on the server, which can...

CVE-2024-38704 WordPress Team Manager plugin <= 2.1.12 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in DynamicWebLab WordPress Team Manager allows PHP Local File Inclusion.This issue affects WordPress Team Manager: from n/a through 2.1.12...

CVE-2024-3107

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 2.12.6 via the getblockdefaultattributes function. This allows authenticated attackers, with contributor-level permissions and above, to read the contents of any files...

CVE-2023-47843 WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Deletion

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0...