Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1.
GHSA: Improper Limitation
Exploit
CVE-2026-48866
GHSA