CVE-2024-52371 – WordPress Global Gateway e4 plugin <= 2.0 - Arbitrary File Deletion vulnerability

https://notcve.org/view.php?id=CVE-2024-52371

11 Nov 2024 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DonnellC Global Gateway e4 | Payeezy Gateway.This issue affects Global Gateway e4 | Payeezy Gateway: from n/a through 2.0. The Global Gateway e4 | Payeezy Gateway | plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to delete arbitrary files on the serve... • https://patchstack.com/database/vulnerability/globe-gateway-e4/wordpress-global-gateway-e4-plugin-2-0-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •