CVE-2024-52371: 
WordPress vulnerability analysis and mitigation

A path traversal vulnerability (CVE-2024-52371) was discovered in DonnellC Global Gateway e4 | Payeezy Gateway affecting versions up to 2.0. The vulnerability was reported by researcher stealthcopter on October 8, 2024, and was publicly disclosed on November 11, 2024 (Patchstack).

The vulnerability is classified as an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) issue, identified as CWE-22. It has received a CVSS v3.1 base score of 8.6 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H. The vulnerability allows for arbitrary file deletion and can be exploited without authentication (Patchstack).

The vulnerability enables arbitrary file deletion capabilities, which could allow attackers to remove critical files from the affected website. If core files are deleted, it could result in website malfunction or complete service disruption. The high CVSS score of 8.6 indicates this is a severe vulnerability with significant potential impact (Patchstack).

Currently, there is no official fix available for this vulnerability. Website administrators are advised to implement immediate mitigation measures due to the high-risk nature of the vulnerability (Patchstack).