CVE-2024-37497 – WordPress JetThemeCore plugin < 2.2.1 - Subscriber+ Arbitrary File Deletion vulnerability

https://notcve.org/view.php?id=CVE-2024-37497

04 Jul 2024 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetThemeCore allows File Manipulation.This issue affects JetThemeCore: from n/a before 2.2.1. Vulnerabilidad de limitación inadecuada de un nombre de ruta a un directorio restringido ("Path Traversal") en Crocoblock JetThemeCore permite la manipulación de archivos. Este problema afecta a JetThemeCore: desde n/a antes de 2.2.1. The JetThemeCore for Elementor plugin for WordPress is vulnerable to arbitra... • https://patchstack.com/database/vulnerability/jet-theme-core/wordpress-jetthemecore-plugin-2-2-1-subscriber-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •