Energox
Monthly
A path traversal vulnerability exists in designingmedia Energox theme affecting versions up to and including 1.2, allowing attackers to access files outside intended directories through improper pathname validation. The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and has been reported by Patchstack. While CVSS and EPSS scores are not available and KEV status is unknown, the vulnerability represents a classic file access control weakness that could enable unauthorized file disclosure or deletion depending on application context.
A path traversal vulnerability exists in designingmedia Energox theme affecting versions up to and including 1.2, allowing attackers to access files outside intended directories through improper pathname validation. The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and has been reported by Patchstack. While CVSS and EPSS scores are not available and KEV status is unknown, the vulnerability represents a classic file access control weakness that could enable unauthorized file disclosure or deletion depending on application context.