CVE-2024-35745 – WordPress Strategery Migrations plugin <= 1.0 - Arbitrary File Deletion vulnerability

https://notcve.org/view.php?id=CVE-2024-35745

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation.This issue affects Strategery Migrations: from n/a through 1.0. Limitación inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido ("Path Traversal") en Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations permite Path Traversal y manipulación de archivos. Este problema afecta a Strategery Migrations: desde n/a hasta 1.0. The Strategery Migrations plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to delete arbitrary files on the server which can lead to remote code execution. • https://patchstack.com/database/vulnerability/strategery-migrations/wordpress-strategery-migrations-plugin-1-0-arbitrary-file-deletion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •