CVE-2024-35743 – WordPress SC filechecker plugin <= 0.6 - Arbitrary File Deletion vulnerability

https://notcve.org/view.php?id=CVE-2024-35743

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6. La limitación inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido ("Path Traversal") en Siteclean SC filechecker permite el Path Traversal y la manipulación de archivos. Este problema afecta a SC filechecker: desde n/a hasta 0.6. The SC filechecker plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 0.6. This makes it possible for authenticated attackers, with administrator-level access and above, to delete arbitrary files on the server which can lead to remote code execution. • https://patchstack.com/database/vulnerability/wp-file-checker/wordpress-sc-filechecker-plugin-0-6-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •