CWE-35
Path Traversal: '.../...//'
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
CVE-2024-47170 (GCVE-0-2024-47170)
Vulnerability from cvelistv5 – Published: 2024-09-26 17:16 – Updated: 2025-03-12 21:16
VLAI
Title
Agnai File Disclosure Vulnerability: JSON via Path Traversal
Summary
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information and exposure of confidential configuration files. This only affects installations with `JSON_STORAGE` enabled which is intended to local/self-hosting only. Version 1.0.330 fixes this issue.
Severity
4.3 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/agnaistic/agnai/security/advis… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T17:06:45.896136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T21:16:50.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "agnai",
"vendor": "agnaistic",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.330"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information and exposure of confidential configuration files. This only affects installations with `JSON_STORAGE` enabled which is intended to local/self-hosting only. Version 1.0.330 fixes this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:16:21.950Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/agnaistic/agnai/security/advisories/GHSA-h355-hm5h-cm8h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-h355-hm5h-cm8h"
}
],
"source": {
"advisory": "GHSA-h355-hm5h-cm8h",
"discovery": "UNKNOWN"
},
"title": "Agnai File Disclosure Vulnerability: JSON via Path Traversal"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47170",
"datePublished": "2024-09-26T17:16:21.950Z",
"dateReserved": "2024-09-19T22:32:11.961Z",
"dateUpdated": "2025-03-12T21:16:50.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47171 (GCVE-0-2024-47171)
Vulnerability from cvelistv5 – Published: 2024-09-26 17:21 – Updated: 2024-09-26 17:53
VLAI
Title
Agnai vulnerable to Relative Path Traversal in Image Upload
Summary
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for defacement. This does not affect `agnai.chat`, installations using S3-compatible storage, or self-hosting that is not publicly exposed. Version 1.0.330 fixes this vulnerability.
Severity
4.3 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/agnaistic/agnai/security/advis… | x_refsource_CONFIRM |
| https://github.com/agnaistic/agnai/blob/75abbd5b0… | x_refsource_MISC |
| https://github.com/agnaistic/agnai/blob/75abbd5b0… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T17:50:57.850067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:53:23.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "agnai",
"vendor": "agnaistic",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.330"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for defacement. This does not affect `agnai.chat`, installations using S3-compatible storage, or self-hosting that is not publicly exposed. Version 1.0.330 fixes this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:21:52.646Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/agnaistic/agnai/security/advisories/GHSA-g54f-66mw-hv66",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/agnaistic/agnai/security/advisories/GHSA-g54f-66mw-hv66"
},
{
"name": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/character.ts#L140:",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/character.ts#L140:"
},
{
"name": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/upload.ts#L55",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/agnaistic/agnai/blob/75abbd5b0f5e48ddecc805365cf1574d05ee1ce5/srv/api/upload.ts#L55"
}
],
"source": {
"advisory": "GHSA-g54f-66mw-hv66",
"discovery": "UNKNOWN"
},
"title": "Agnai vulnerable to Relative Path Traversal in Image Upload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47171",
"datePublished": "2024-09-26T17:21:52.646Z",
"dateReserved": "2024-09-19T22:32:11.961Z",
"dateUpdated": "2024-09-26T17:53:23.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47324 (GCVE-0-2024-47324)
Vulnerability from cvelistv5 – Published: 2024-10-05 12:33 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7.
Severity
7.5 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ex-Themes | WP Timeline – Vertical and Horizontal timeline plugin |
Affected:
0 , ≤ 3.6.7
(custom)
|
Date Public
2026-04-01 16:27
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ex-themes:wp_timeline:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wp_timeline",
"vendor": "ex-themes",
"versions": [
{
"lessThanOrEqual": "3.6.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T14:35:29.903088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T14:40:45.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-timelines",
"product": "WP Timeline \u2013 Vertical and Horizontal timeline plugin",
"vendor": "Ex-Themes",
"versions": [
{
"changes": [
{
"at": "3.6.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.6.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bonds | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:27:47.740Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Ex-Themes WP Timeline \u2013 Vertical and Horizontal timeline plugin wp-timelines.\u003cp\u003eThis issue affects WP Timeline \u2013 Vertical and Horizontal timeline plugin: from n/a through \u003c= 3.6.7.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Ex-Themes WP Timeline \u2013 Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline \u2013 Vertical and Horizontal timeline plugin: from n/a through \u003c= 3.6.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:18.866Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-timelines/vulnerability/wordpress-wp-timeline-plugin-3-6-7-local-file-inclusion-vulnerability-2?_s_id=cve"
}
],
"title": "WordPress WP Timeline plugin \u003c= 3.6.7 - Local File Inclusion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-47324",
"datePublished": "2024-10-05T12:33:06.952Z",
"dateReserved": "2024-09-24T13:00:35.587Z",
"dateUpdated": "2026-04-28T16:10:18.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49249 (GCVE-0-2024-49249)
Vulnerability from cvelistv5 – Published: 2025-01-07 10:49 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress SMSA Shipping plugin <= 2.3 - Arbitrary File Deletion vulnerability
Summary
Path Traversal: '.../...//' vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.This issue affects SMSA Shipping: from n/a through <= 2.3.
Severity
8.6 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SMSA Express | SMSA Shipping |
Affected:
0 , ≤ 2.3
(custom)
|
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49249",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T14:25:13.075671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T14:25:29.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "smsa-shipping-official",
"product": "SMSA Shipping",
"vendor": "SMSA Express",
"versions": [
{
"changes": [
{
"at": "2.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mika | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:23.943Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.\u003cp\u003eThis issue affects SMSA Shipping: from n/a through \u003c= 2.3.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.This issue affects SMSA Shipping: from n/a through \u003c= 2.3."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:23.828Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/smsa-shipping-official/vulnerability/wordpress-smsa-shipping-plugin-2-3-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"title": "WordPress SMSA Shipping plugin \u003c= 2.3 - Arbitrary File Deletion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49249",
"datePublished": "2025-01-07T10:49:34.877Z",
"dateReserved": "2024-10-14T10:39:26.356Z",
"dateUpdated": "2026-04-28T16:10:23.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49258 (GCVE-0-2024-49258)
Vulnerability from cvelistv5 – Published: 2024-10-16 13:45 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress Limb Gallery plugin <= 1.5.7 - Arbitrary File Download vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7.
Severity
6.5 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Limbcode | WordPress Gallery Plugin – Limb Image Gallery |
Affected:
0 , ≤ 1.5.7
(custom)
|
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T14:06:26.307003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T14:08:54.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "limb-gallery",
"product": "WordPress Gallery Plugin \u2013 Limb Image Gallery",
"vendor": "Limbcode",
"versions": [
{
"lessThanOrEqual": "1.5.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "stealthcopter | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:07.432Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Limbcode WordPress Gallery Plugin \u2013 Limb Image Gallery limb-gallery.\u003cp\u003eThis issue affects WordPress Gallery Plugin \u2013 Limb Image Gallery: from n/a through \u003c= 1.5.7.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Limbcode WordPress Gallery Plugin \u2013 Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin \u2013 Limb Image Gallery: from n/a through \u003c= 1.5.7."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:23.703Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/limb-gallery/vulnerability/wordpress-limb-gallery-plugin-1-5-7-arbitrary-file-download-vulnerability?_s_id=cve"
}
],
"title": "WordPress Limb Gallery plugin \u003c= 1.5.7 - Arbitrary File Download vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-49258",
"datePublished": "2024-10-16T13:45:17.578Z",
"dateReserved": "2024-10-14T10:39:35.168Z",
"dateUpdated": "2026-04-28T16:10:23.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-49770 (GCVE-0-2024-49770)
Vulnerability from cvelistv5 – Published: 2024-11-01 16:16 – Updated: 2024-11-01 17:35
VLAI
Title
oak's path traversal allows transfer of hidden files within the served root directory
Summary
`oak` is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default `oak` does not allow transferring of hidden files with `Context.send` API. However, prior to version 17.1.3, this can be bypassed by encoding `/` as its URL encoded form `%2F`. For an attacker this has potential to read sensitive user data or to gain access to server secrets. Version 17.1.3 fixes the issue.
Severity
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/oakserver/oak/security/advisor… | x_refsource_CONFIRM |
| https://github.com/oakserver/oak/commit/4b2f27efd… | x_refsource_MISC |
| https://github.com/oakserver/oak/blob/3896fe568b2… | x_refsource_MISC |
| https://github.com/oakserver/oak/blob/3896fe568b2… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:oakserver:oak:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oak",
"vendor": "oakserver",
"versions": [
{
"lessThan": "17.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49770",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T17:32:52.541978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T17:35:10.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "oak",
"vendor": "oakserver",
"versions": [
{
"status": "affected",
"version": "\u003c 17.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "`oak` is a middleware framework for Deno\u0027s native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default `oak` does not allow transferring of hidden files with `Context.send` API. However, prior to version 17.1.3, this can be bypassed by encoding `/` as its URL encoded form `%2F`. For an attacker this has potential to read sensitive user data or to gain access to server secrets. Version 17.1.3 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T16:16:29.482Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/oakserver/oak/security/advisories/GHSA-qm92-93fv-vh7m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/oakserver/oak/security/advisories/GHSA-qm92-93fv-vh7m"
},
{
"name": "https://github.com/oakserver/oak/commit/4b2f27efd5cba5a45b2c3982e610da3af0869209",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/oakserver/oak/commit/4b2f27efd5cba5a45b2c3982e610da3af0869209"
},
{
"name": "https://github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L117-L125",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L117-L125"
},
{
"name": "https://github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L182C10-L182C25",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/oakserver/oak/blob/3896fe568b25ac0b4c5afbf822ff8344c3d1712a/send.ts#L182C10-L182C25"
}
],
"source": {
"advisory": "GHSA-qm92-93fv-vh7m",
"discovery": "UNKNOWN"
},
"title": "oak\u0027s path traversal allows transfer of hidden files within the served root directory"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-49770",
"datePublished": "2024-11-01T16:16:29.482Z",
"dateReserved": "2024-10-18T13:43:23.458Z",
"dateUpdated": "2024-11-01T17:35:10.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-50054 (GCVE-0-2024-50054)
Vulnerability from cvelistv5 – Published: 2024-11-22 22:22 – Updated: 2024-11-26 16:59
VLAI
Title
mySCADA myPRO Path Traversal
Summary
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.
Severity
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| mySCADA | myPRO Manager |
Affected:
0 , < 1.3
(custom)
|
|
| mySCADA | myPRO Runtime |
Affected:
0 , < 9.2.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:myscada:mypro_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mypro_manager",
"vendor": "myscada",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:myscada:mypro_runtime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mypro_runtime",
"vendor": "myscada",
"versions": [
{
"lessThan": "9.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T16:58:05.074931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T16:59:05.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "myPRO Manager",
"vendor": "mySCADA",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "myPRO Runtime",
"vendor": "mySCADA",
"versions": [
{
"lessThan": "9.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Heinzl reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T22:22:08.207Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003emySCADA recommends updating to the latest versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003emySCADA PRO Manager \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.myscada.org/resources/\"\u003e1.3\u003c/a\u003e\u003c/li\u003e\u003cli\u003emySCADA PRO Runtime \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.myscada.org/resources/\"\u003e9.2.1\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "mySCADA recommends updating to the latest versions:\n\n * mySCADA PRO Manager 1.3 https://www.myscada.org/resources/ \n * mySCADA PRO Runtime 9.2.1 https://www.myscada.org/resources/"
}
],
"source": {
"advisory": "ICSA-24-326-07",
"discovery": "EXTERNAL"
},
"title": "mySCADA myPRO Path Traversal",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-50054",
"datePublished": "2024-11-22T22:22:08.207Z",
"dateReserved": "2024-11-13T20:44:28.734Z",
"dateUpdated": "2024-11-26T16:59:05.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-51582 (GCVE-0-2024-51582)
Vulnerability from cvelistv5 – Published: 2024-11-04 13:38 – Updated: 2026-05-11 21:39
VLAI
Title
WordPress WP Hotel Booking plugin <= 2.2.9 - Local File Inclusion vulnerability
Summary
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through <= 2.2.9.
Severity
7.5 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ThimPress | WP Hotel Booking |
Affected:
0 , ≤ 2.2.9
(custom)
|
Date Public
2026-04-01 16:28
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:thimpress:wp_hotel_booking:-:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "wp_hotel_booking",
"vendor": "thimpress",
"versions": [
{
"lessThanOrEqual": "2.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51582",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T17:21:46.618656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T21:39:58.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-hotel-booking",
"product": "WP Hotel Booking",
"vendor": "ThimPress",
"versions": [
{
"changes": [
{
"at": "2.3.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.2.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ghsinfosec | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:28:58.420Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.\u003cp\u003eThis issue affects WP Hotel Booking: from n/a through \u003c= 2.2.9.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through \u003c= 2.2.9."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:33.315Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-hotel-booking/vulnerability/wordpress-wp-hotel-booking-plugin-2-1-4-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"title": "WordPress WP Hotel Booking plugin \u003c= 2.2.9 - Local File Inclusion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-51582",
"datePublished": "2024-11-04T13:38:39.051Z",
"dateReserved": "2024-10-30T15:04:10.016Z",
"dateUpdated": "2026-05-11T21:39:58.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52390 (GCVE-0-2024-52390)
Vulnerability from cvelistv5 – Published: 2024-11-18 21:28 – Updated: 2026-04-28 16:10
VLAI
Title
WordPress CYAN Backup plugin <= 2.5.3 - Arbitrary File Download vulnerability
Summary
Path Traversal: '.../...//' vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.This issue affects CYAN Backup: from n/a through <= 2.5.3.
Severity
4.9 (Medium)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Greg Ross | CYAN Backup |
Affected:
0 , ≤ 2.5.3
(custom)
|
Date Public
2026-04-01 16:29
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T15:28:39.740529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T15:28:53.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "cyan-backup",
"product": "CYAN Backup",
"vendor": "Greg Ross",
"versions": [
{
"changes": [
{
"at": "2.5.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.5.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Junsu Yeo | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:29:47.327Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.\u003cp\u003eThis issue affects CYAN Backup: from n/a through \u003c= 2.5.3.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in Greg Ross CYAN Backup cyan-backup allows Path Traversal.This issue affects CYAN Backup: from n/a through \u003c= 2.5.3."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:40.833Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/cyan-backup/vulnerability/wordpress-cyan-backup-plugin-2-5-3-arbitrary-file-download-vulnerability?_s_id=cve"
}
],
"title": "WordPress CYAN Backup plugin \u003c= 2.5.3 - Arbitrary File Download vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-52390",
"datePublished": "2024-11-18T21:28:53.796Z",
"dateReserved": "2024-11-11T06:38:56.851Z",
"dateUpdated": "2026-04-28T16:10:40.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52447 (GCVE-0-2024-52447)
Vulnerability from cvelistv5 – Published: 2024-11-20 11:07 – Updated: 2026-05-11 22:15
VLAI
Title
WordPress Contact Page With Google Map plugin <= 1.6.1 - Arbitrary File Deletion vulnerability
Summary
Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through <= 1.6.1.
Severity
8.6 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| corporatezen222 | Contact Page With Google Map |
Affected:
0 , ≤ 1.6.1
(custom)
|
Date Public
2026-04-01 16:29
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:54:19.875942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T22:15:13.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "contact-page-with-google-map",
"product": "Contact Page With Google Map",
"vendor": "corporatezen222",
"versions": [
{
"lessThanOrEqual": "1.6.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mika | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:29:54.885Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.\u003cp\u003eThis issue affects Contact Page With Google Map: from n/a through \u003c= 1.6.1.\u003c/p\u003e"
}
],
"value": "Path Traversal: \u0027.../...//\u0027 vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through \u003c= 1.6.1."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:10:42.628Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/contact-page-with-google-map/vulnerability/wordpress-contact-page-with-google-map-plugin-1-6-1-arbitrary-file-deletion-vulnerability?_s_id=cve"
}
],
"title": "WordPress Contact Page With Google Map plugin \u003c= 1.6.1 - Arbitrary File Deletion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-52447",
"datePublished": "2024-11-20T11:07:29.829Z",
"dateReserved": "2024-11-11T06:39:48.586Z",
"dateUpdated": "2026-05-11T22:15:13.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-5.1
Phase: Implementation
Strategy: Input Validation
Description:
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
- Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, the ".../...//" manipulation is useful for bypassing some path traversal protection schemes. If "../" sequences are removed from the ".../...//" string in a sequential fashion (as some regular expression engines and other algorithms operate) the string can collapse into the unsafe "../" value (CWE-182). Removing the first "../" yields "....//" and the second removal yields "../".
Mitigation ID: MIT-20
Phase: Implementation
Strategy: Input Validation
Description:
- Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.