Description
This script is possibly vulnerable to directory traversal attacks.
Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013)
WordPress Plugin Visual Composer:Page Builder for WordPress Local File Inclusion (5.1)
WordPress 4.4.x Directory Traversal (4.4 - 4.4.32)
WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5)
WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (4.1.7.3.2)