Groundhogg
Moderate fix1 remedy
cpe:2.3:a:groundhogg:groundhogg:*:*:*:*:wordpress:*:*
Moderate fix1 remedy
- <= 4.1.1.2
WordPress Groundhogg Plugin Arbitrary File Deletion Vulnerability
Vulnerability
Patched
A vulnerability allowing arbitrary file deletion has been identified in the WordPress Groundhogg plugin, specifically in versions through 4.1.1.2. This issue arises from inadequate validation of file paths in the 'process_export_delete' and 'process_import_delete' functions. As a result, authenticated attackers with Administrator-level access can delete arbitrary files on the server. Exploiting this vulnerability could lead to remote code execution, particularly if sensitive files like 'wp-config.php' are targeted.
Impact
Successful exploitation allows authenticated users with Administrator privileges to delete arbitrary files on the server, potentially leading to remote code execution.
Reproduction
To reproduce this vulnerability, an authenticated user with Administrator privileges can use the 'process_export_delete' or 'process_import_delete' functions to delete files. The vulnerability can be exploited by sending a request that includes the name of the file to be deleted, bypassing the insufficient path validation.
Remediation
Users are advised to update the Groundhogg plugin to version 4.1.2 or later, where this vulnerability has been patched.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
3.4impact
7.5exploitability
6.0remediation
7.7relevance
0.0threat
4.9urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.