diff --git a/src/config.c b/src/config.c
index edd713755..4c1394ff3 100644
--- a/src/config.c
+++ b/src/config.c
@@ -1016,12 +1016,19 @@ load_image_file(char *dest, char *p, uint8_t *ui_wp)
 int ret = 0;
 char *slash = NULL;
 char *above = NULL;
+ char *above2 = NULL;
 char *use = NULL;
 if ((slash = memrmem(usr_path + strlen(usr_path) - 2, usr_path, "/")) != NULL) {
 slash++;
 above = (char *) calloc(1, slash - usr_path + 1);
 memcpy(above, usr_path, slash - usr_path);
+
+ if ((slash = memrmem(above + strlen(above) - 2, above, "/")) != NULL) {
+ slash++;
+ above2 = (char *) calloc(1, slash - above + 1);
+ memcpy(above2, above, slash - above);
+ }
 }
 if (strstr(p, "wp://") == p) {
@@ -1051,6 +1058,13 @@ load_image_file(char *dest, char *p, uint8_t *ui_wp)
 else
 snprintf(dest, MAX_IMAGE_PATH_LEN, "%s%s%s%s", prefix, exe_path, path_get_slash(exe_path), p + strlen("/"));
+ } else if (memcmp(p, "../../", strlen("../../")) == 0) {
+ use = (above2 == NULL) ? usr_path : above2;
+ if ((strlen(prefix) + strlen(use) + strlen(path_get_slash(use)) + strlen(p + strlen("../"))) >
+ (MAX_IMAGE_PATH_LEN - 11))
+ ret = 1;
+ else
+ snprintf(dest, MAX_IMAGE_PATH_LEN, "%s%s%s%s", prefix, use, path_get_slash(use), p + strlen("../"));
 } else if (memcmp(p, "../", strlen("../")) == 0) {
 use = (above == NULL) ? usr_path : above;
 if ((strlen(prefix) + strlen(use) + strlen(path_get_slash(use)) + strlen(p + strlen("../"))) >
@@ -3146,11 +3160,25 @@ save_image_file(char *cat, char *var, char *src)
 char *prefix = "";
 char *slash = NULL;
 char *above = NULL;
+ char *above2 = NULL;
+ char *above3 = NULL;
 if ((slash = memrmem(usr_path + strlen(usr_path) - 2, usr_path, "/")) != NULL) {
 slash++;
 above = (char *) calloc(1, slash - usr_path + 1);
 memcpy(above, usr_path, slash - usr_path);
+
+ if ((slash = memrmem(above + strlen(above) - 2, above, "/")) != NULL) {
+ slash++;
+ above2 = (char *) calloc(1, slash - above + 1);
+ memcpy(above2, above, slash - above);
+
+ if ((slash = memrmem(above2 + strlen(above2) - 2, above2, "/")) != NULL) {
+ slash++;
+ above3 = (char *) calloc(1, slash - above2 + 1);
+ memcpy(above3, above2, slash - above2);
+ }
+ }
 }
 path_normalize(src);
@@ -3164,7 +3192,11 @@ save_image_file(char *cat, char *var, char *src)
 sprintf(temp, "%s", src);
 else if (!strnicmp(src, usr_path, strlen(usr_path)))
 sprintf(temp, "%s%s", prefix, &src[strlen(usr_path)]);
- else if ((above != NULL) && !strnicmp(src, above, strlen(above)))
+ /* Do not relativize to root. */
+ else if ((above2 != NULL) && (above3 != NULL) && !strnicmp(src, above, strlen(above2)))
+ sprintf(temp, "../../%s%s", prefix, &src[strlen(above2)]);
+ /* Do not relativize to root. */
+ else if ((above != NULL) && (above2 != NULL) && !strnicmp(src, above, strlen(above)))
 sprintf(temp, "../%s%s", prefix, &src[strlen(above)]);
 else if (!strnicmp(src, exe_path, strlen(exe_path)))
 sprintf(temp, "/%s%s", prefix, &src[strlen(exe_path)]);
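Review bot: The new second-level lookup `memrmem(above + strlen(above) - 2, above, "/")` in load_image_file forms a start pointer before the buffer when `above` is a single `/` (a usr_path one directory below the root), which is undefined behaviour before memrmem, whose body is not shown here, even runs. The `calloc` result is also handed straight to `memcpy` without a NULL check. I would guard the block with `if (strlen(above) >= 2 && (slash = memrmem(above + strlen(above) - 2, above, "/")) != NULL)` and copy only `if (above2 != NULL)`; the same applies to the `above2` and `above3` blocks added to save_image_file in the third hunk. Neither function's cleanup is inside these hunks, so please confirm the new buffers are freed wherever `above` is.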
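Review bot: The new `../../` branch in load_image_file still skips only `strlen("../")` characters of `p`, in both the length check and the `snprintf`, so `dest` becomes `above2` followed by `../rest` and points one directory higher than the two levels the prefix asks for. Both places should use `p + strlen("../../")`, e.g. `snprintf(dest, MAX_IMAGE_PATH_LEN, "%s%s%s%s", prefix, use, path_get_slash(use), p + strlen("../../"));`. When `above2` is NULL the branch falls back to `usr_path`, so a two-level reference is silently resolved against `usr_path` itself; setting `ret = 1` there may be the safer behaviour. The surrounding if/else chain begins and ends outside the hunk.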
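Review bot: The new `../../` test in save_image_file compares `src` against `above` using the length of `above2` (`!strnicmp(src, above, strlen(above2))`); that only works because `above2` is a prefix of `above`, and it should read `!strnicmp(src, above2, strlen(above2))`. Because this test comes before the `../` case and every path under `above` also lies under `above2`, the `../` branch is reached only when `above3` is NULL, so a file one level up is written in the longer `../../<dir>/<file>` form instead of `../<file>`; testing the `above` case first keeps the shorter form. The `sprintf` calls into `temp` are unbounded and `temp`'s size is not visible in this hunk, so switching to `snprintf` with the buffer size is worth confirming now that a longer prefix is prepended. The if/else chain starts and ends outside the hunk.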