CWE-35
Path Traversal: '.../...//'
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
CVE-2025-30966 (GCVE-0-2025-30966)
Vulnerability from cvelistv5 – Published: 2025-04-15 21:53 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress WPJobBoard plugin < 5.11.1 - Path Traversal vulnerability
Summary
Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects WPJobBoard: from n/a through n/a.
Severity
5.4 (Medium)
CWE
- CWE-35 - Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NotFound | WPJobBoard |
Affected:
n/a , < 5.11.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30966",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T13:15:18.835633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:41:03.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wpjobboard",
"product": "WPJobBoard",
"vendor": "NotFound",
"versions": [
{
"changes": [
{
"at": "5.11.1",
"status": "unaffected"
}
],
"lessThan": "5.11.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ananda Dhakal (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePath Traversal vulnerability in NotFound WPJobBoard allows Path Traversal.\u003c/p\u003e\u003cp\u003eThis issue affects WPJobBoard: from n/a through n/a.\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects WPJobBoard: from n/a through n/a."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:02.205Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wpjobboard/vulnerability/wordpress-wpjobboard-plugin-5-11-1-path-traversal-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress WPJobBoard plugin to the latest available version (at least 5.11.1)."
}
],
"value": "Update the WordPress WPJobBoard plugin to the latest available version (at least 5.11.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WPJobBoard plugin \u003c 5.11.1 - Path Traversal vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-30966",
"datePublished": "2025-04-15T21:53:14.341Z",
"dateReserved": "2025-03-26T09:22:27.935Z",
"dateUpdated": "2026-04-28T16:12:02.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32585 (GCVE-0-2025-32585)
Vulnerability from cvelistv5 – Published: 2025-04-11 08:42 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through <= 1.2.
Severity
7.5 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Trusty Plugins | Shop Products Filter |
Affected:
0 , ≤ 1.2
(custom)
|
Date Public
2026-04-01 16:38
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32585",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T13:53:54.283415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T13:54:08.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "trusty-woo-products-filter",
"product": "Shop Products Filter",
"vendor": "Trusty Plugins",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LVT-tholv2k | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:38:52.102Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.\u003cp\u003eThis issue affects Shop Products Filter: from n/a through \u003c= 1.2.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion.This issue affects Shop Products Filter: from n/a through \u003c= 1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:24.903Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/trusty-woo-products-filter/vulnerability/wordpress-shop-products-filter-plugin-1-2-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"title": "WordPress Shop Products Filter Plugin \u003c= 1.2 - Local File Inclusion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-32585",
"datePublished": "2025-04-11T08:42:57.793Z",
"dateReserved": "2025-04-09T11:20:15.875Z",
"dateUpdated": "2026-04-28T16:12:24.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32950 (GCVE-0-2025-32950)
Vulnerability from cvelistv5 – Published: 2025-04-22 17:14 – Updated: 2025-05-27 17:07
VLAI
Title
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Summary
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the application server has the necessary permissions. This can be accomplished either by modifying the FileRef directly in the database or by supplying a harmful value in the fileRef parameter of the `/files` endpoint of the generic REST API. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website.
Severity
6.5 (Medium)
CWE
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://github.com/jmix-framework/jmix/security/a… | x_refsource_CONFIRM |
| https://github.com/jmix-framework/jmix/issues/3804 | x_refsource_MISC |
| https://github.com/jmix-framework/jmix/issues/3836 | x_refsource_MISC |
| https://github.com/jmix-framework/jmix/commit/6a6… | x_refsource_MISC |
| https://github.com/jmix-framework/jmix/commit/c58… | x_refsource_MISC |
| https://github.com/jmix-framework/jmix/commit/cc9… | x_refsource_MISC |
| https://github.com/jmix-framework/jmix/commit/f4e… | x_refsource_MISC |
| https://docs.jmix.io/jmix/files-vulnerabilities.html | x_refsource_MISC |
| https://docs.jmix.io/jmix/files-vulnerabilities.h… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| jmix-framework | jmix |
Affected:
>= 1.0.0, < 1.6.2
Affected: >= 2.0.0, < 2.4.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32950",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T19:56:35.680766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T16:03:22.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jmix",
"vendor": "jmix-framework",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.6.2"
},
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the FileRef parameter to access files on the system where the Jmix application is deployed, provided the application server has the necessary permissions. This can be accomplished either by modifying the FileRef directly in the database or by supplying a harmful value in the fileRef parameter of the `/files` endpoint of the generic REST API. This issue has been patched in versions 1.6.2 and 2.4.0. A workaround is provided on the Jmix documentation website."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T17:07:11.796Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-jx4g-3xqm-62vh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jmix-framework/jmix/security/advisories/GHSA-jx4g-3xqm-62vh"
},
{
"name": "https://github.com/jmix-framework/jmix/issues/3804",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/issues/3804"
},
{
"name": "https://github.com/jmix-framework/jmix/issues/3836",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/issues/3836"
},
{
"name": "https://github.com/jmix-framework/jmix/commit/6a66aa3adb967159a30d703e80403406f4c8f7a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/commit/6a66aa3adb967159a30d703e80403406f4c8f7a2"
},
{
"name": "https://github.com/jmix-framework/jmix/commit/c589ef4e2b25620770b8036f4ad05f1a6250cb6a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/commit/c589ef4e2b25620770b8036f4ad05f1a6250cb6a"
},
{
"name": "https://github.com/jmix-framework/jmix/commit/cc97e6ff974b9e7af8160fab39cc5866169daa37",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/commit/cc97e6ff974b9e7af8160fab39cc5866169daa37"
},
{
"name": "https://github.com/jmix-framework/jmix/commit/f4e6fb05bd245cf36f3e9319aaa0fcd540d024aa",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jmix-framework/jmix/commit/f4e6fb05bd245cf36f3e9319aaa0fcd540d024aa"
},
{
"name": "https://docs.jmix.io/jmix/files-vulnerabilities.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html"
},
{
"name": "https://docs.jmix.io/jmix/files-vulnerabilities.html#fix-path-traversal-in-jmix-application",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.jmix.io/jmix/files-vulnerabilities.html#fix-path-traversal-in-jmix-application"
}
],
"source": {
"advisory": "GHSA-jx4g-3xqm-62vh",
"discovery": "UNKNOWN"
},
"title": "io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32950",
"datePublished": "2025-04-22T17:14:43.211Z",
"dateReserved": "2025-04-14T21:47:11.450Z",
"dateUpdated": "2025-05-27T17:07:11.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39467 (GCVE-0-2025-39467)
Vulnerability from cvelistv5 – Published: 2025-11-06 15:53 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress Wanderland theme <= 1.7.1 - Local File Inclusion Vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through <= 1.7.1.
Severity
8.1 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Theme/w… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Mikado-Themes | Wanderland |
Affected:
0 , ≤ 1.7.1
(custom)
|
Date Public
2026-04-22 14:25
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T19:06:45.329615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T19:06:50.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wanderland",
"product": "Wanderland",
"vendor": "Mikado-Themes",
"versions": [
{
"changes": [
{
"at": "1.7.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bonds | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-22T14:25:22.939Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.\u003cp\u003eThis issue affects Wanderland: from n/a through \u003c= 1.7.1.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through \u003c= 1.7.1."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:32.199Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Theme/wanderland/vulnerability/wordpress-wanderland-1-7-1-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"title": "WordPress Wanderland theme \u003c= 1.7.1 - Local File Inclusion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39467",
"datePublished": "2025-11-06T15:53:33.195Z",
"dateReserved": "2025-04-16T06:23:36.340Z",
"dateUpdated": "2026-04-28T16:12:32.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39470 (GCVE-0-2025-39470)
Vulnerability from cvelistv5 – Published: 2025-04-18 04:30 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress Ivy School theme <= 1.6.0 - Local File Inclusion Vulnerability
Summary
Path Traversal: '.../...//' vulnerability in ThimPress Ivy School ivy-school allows PHP Local File Inclusion.This issue affects Ivy School: from n/a through <= 1.6.0.
Severity
8.1 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Theme/i… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ThimPress | Ivy School |
Affected:
0 , ≤ 1.6.0
(custom)
|
Date Public
2026-04-01 16:39
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T11:27:47.998577Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-18T11:27:59.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ivy-school",
"product": "Ivy School",
"vendor": "ThimPress",
"versions": [
{
"changes": [
{
"at": "1.6.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bonds | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:39:19.265Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in ThimPress Ivy School ivy-school allows PHP Local File Inclusion.\u003cp\u003eThis issue affects Ivy School: from n/a through \u003c= 1.6.0.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in ThimPress Ivy School ivy-school allows PHP Local File Inclusion.This issue affects Ivy School: from n/a through \u003c= 1.6.0."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:32.232Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Theme/ivy-school/vulnerability/wordpress-ivy-school-1-6-0-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"title": "WordPress Ivy School theme \u003c= 1.6.0 - Local File Inclusion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39470",
"datePublished": "2025-04-18T04:30:31.772Z",
"dateReserved": "2025-04-16T06:23:43.558Z",
"dateUpdated": "2026-04-28T16:12:32.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39475 (GCVE-0-2025-39475)
Vulnerability from cvelistv5 – Published: 2025-06-09 15:54 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress Arlo theme <= 6.0.3 - Local File Inclusion Vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through <= 6.0.3.
Severity
8.1 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Theme/a… | vdb-entry |
Date Public
2026-04-01 16:39
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T13:39:23.839605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T13:39:29.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "arlo",
"product": "Arlo",
"vendor": "Frenify",
"versions": [
{
"lessThanOrEqual": "6.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bonds | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:39:20.329Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.\u003cp\u003eThis issue affects Arlo: from n/a through \u003c= 6.0.3.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through \u003c= 6.0.3."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:32.366Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Theme/arlo/vulnerability/wordpress-arlo-6-0-3-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"title": "WordPress Arlo theme \u003c= 6.0.3 - Local File Inclusion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39475",
"datePublished": "2025-06-09T15:54:15.232Z",
"dateReserved": "2025-04-16T06:23:43.558Z",
"dateUpdated": "2026-04-28T16:12:32.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39491 (GCVE-0-2025-39491)
Vulnerability from cvelistv5 – Published: 2025-05-16 15:45 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability
Summary
Path Traversal vulnerability in WHMPress WHMpress allows Path Traversal. This issue affects WHMpress: from 6.2 through revision.
Severity
8.1 (High)
CWE
- CWE-35 - Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T16:20:01.725788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T16:20:07.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://codecanyon.net",
"defaultStatus": "unaffected",
"packageName": "whmpress",
"product": "WHMpress",
"vendor": "WHMPress",
"versions": [
{
"lessThanOrEqual": "revision",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bonds (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePath Traversal vulnerability in WHMPress WHMpress allows Path Traversal.\u003c/p\u003e\u003cp\u003eThis issue affects WHMpress: from 6.2 through revision.\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in WHMPress WHMpress allows Path Traversal. This issue affects WHMpress: from 6.2 through revision."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:32.640Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/whmpress/vulnerability/wordpress-whmpress-plugin-6-2-revision-9-local-file-inclusion-vulnerability-2?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WHMpress plugin \u003c= 6.2-revision-9 - Local File Inclusion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39491",
"datePublished": "2025-05-16T15:45:26.153Z",
"dateReserved": "2025-04-16T06:23:58.700Z",
"dateUpdated": "2026-04-28T16:12:32.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39492 (GCVE-0-2025-39492)
Vulnerability from cvelistv5 – Published: 2025-05-16 15:45 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress WHMpress plugin <= 6.2-revision-9 - Local File Inclusion vulnerability
Summary
Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision.
Severity
7.5 (High)
CWE
- CWE-35 - Path Traversal
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T16:20:17.532183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T16:20:22.027Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://codecanyon.net",
"defaultStatus": "unaffected",
"packageName": "whmpress",
"product": "WHMpress",
"vendor": "WHMPress",
"versions": [
{
"lessThanOrEqual": "revision",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bonds (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePath Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal.\u003c/p\u003e\u003cp\u003eThis issue affects WHMpress: from 6.2 through revision.\u003c/p\u003e"
}
],
"value": "Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision."
}
],
"impacts": [
{
"capecId": "CAPEC-139",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-139 Relative Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:32.741Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/whmpress/vulnerability/wordpress-whmpress-plugin-6-2-revision-9-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WHMpress plugin \u003c= 6.2-revision-9 - Local File Inclusion vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39492",
"datePublished": "2025-05-16T15:45:25.612Z",
"dateReserved": "2025-04-16T06:23:58.700Z",
"dateUpdated": "2026-04-28T16:12:32.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-39598 (GCVE-0-2025-39598)
Vulnerability from cvelistv5 – Published: 2025-04-16 12:44 – Updated: 2026-04-28 16:12
VLAI
Title
WordPress Administrator Z plugin <= 2025.03.28 - Directory Traversal Vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Quý Lê 91 Administrator Z administrator-z allows Path Traversal.This issue affects Administrator Z: from n/a through <= 2025.03.28.
Severity
4.9 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Quý Lê 91 | Administrator Z |
Affected:
0 , ≤ 2025.03.28
(custom)
|
Date Public
2026-04-01 16:39
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39598",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T13:15:05.398789Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:32:35.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "administrator-z",
"product": "Administrator Z",
"vendor": "Qu\u00fd L\u00ea 91",
"versions": [
{
"changes": [
{
"at": "2025.03.30",
"status": "unaffected"
}
],
"lessThanOrEqual": "2025.03.28",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Xuan Chien | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:39:35.815Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Qu\u00fd L\u00ea 91 Administrator Z administrator-z allows Path Traversal.\u003cp\u003eThis issue affects Administrator Z: from n/a through \u003c= 2025.03.28.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Qu\u00fd L\u00ea 91 Administrator Z administrator-z allows Path Traversal.This issue affects Administrator Z: from n/a through \u003c= 2025.03.28."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:12:35.742Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/administrator-z/vulnerability/wordpress-administrator-z-2025-03-28-directory-traversal-vulnerability?_s_id=cve"
}
],
"title": "WordPress Administrator Z plugin \u003c= 2025.03.28 - Directory Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-39598",
"datePublished": "2025-04-16T12:44:17.890Z",
"dateReserved": "2025-04-16T06:27:02.093Z",
"dateUpdated": "2026-04-28T16:12:35.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40573 (GCVE-0-2025-40573)
Vulnerability from cvelistv5 – Published: 2025-05-13 09:38 – Updated: 2025-07-08 10:34
VLAI
Summary
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attacks.
This could allow a privileged local attacker to restore backups that are outside the backup folder.
Severity
4.4 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SCALANCE LPE9403 |
Affected:
0 , < V4.0 HF0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40573",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T18:43:18.390791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T18:43:32.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCALANCE LPE9403",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0 HF0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions \u003c V4.0 HF0). Affected devices are vulnerable to path traversal attacks.\r\nThis could allow a privileged local attacker to restore backups that are outside the backup folder."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T10:34:37.967Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-327438.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-40573",
"datePublished": "2025-05-13T09:38:56.842Z",
"dateReserved": "2025-04-16T08:20:17.031Z",
"dateUpdated": "2025-07-08T10:34:37.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-5.1
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, the ".../...//" manipulation is useful for bypassing some path traversal protection schemes. If "../" sequences are removed from the ".../...//" string in a sequential fashion (as some regular expression engines and other algorithms operate) the string can collapse into the unsafe "../" value (CWE-182). Removing the first "../" yields "....//" and the second removal yields "../".
Mitigation ID: MIT-20
Phase: Implementation
Strategy: Input Validation
Description:
- Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.