CVE-2024-52371
📋 TL;DR
This path traversal vulnerability in the Global Gateway e4 | Payeezy Gateway WordPress plugin allows attackers to delete arbitrary files on the server. It affects all WordPress sites using this payment gateway plugin up to version 2.0. Attackers can exploit this to delete critical system files or website content.
💻 Affected Systems
- Global Gateway e4 | Payeezy Gateway WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete website compromise through deletion of WordPress core files, configuration files, or database files leading to site destruction and potential data loss.
Likely Case
Website defacement or disruption by deleting theme files, plugin files, or uploaded content, causing service interruption and reputational damage.
If Mitigated
Limited impact if file permissions are properly configured and web server runs with minimal privileges, though some content deletion may still occur.
🎯 Exploit Status
The vulnerability requires authentication but is easy to exploit once authenticated. Public proof-of-concept code exists demonstrating the arbitrary file deletion.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0.1 or later
Vendor Advisory: https://patchstack.com/database/vulnerability/globe-gateway-e4/wordpress-global-gateway-e4-plugin-2-0-arbitrary-file-deletion-vulnerability?_s_id=cve
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Global Gateway e4 | Payeezy Gateway'. 4. Click 'Update Now' if update available. 5. If no update available, deactivate and remove the plugin immediately.
🔧 Temporary Workarounds
Disable Plugin
allTemporarily deactivate the vulnerable plugin until patched
wp plugin deactivate globe-gateway-e4
Restrict File Permissions
linuxSet strict file permissions on WordPress directories to limit damage
chmod 644 wp-config.php
chmod 755 wp-content
chmod 755 wp-includes
🧯 If You Can't Patch
- Remove the plugin completely and use alternative payment gateway
- Implement web application firewall (WAF) rules to block path traversal patterns
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for 'Global Gateway e4 | Payeezy Gateway' version 2.0 or earlierCheck Version:
wp plugin get globe-gateway-e4 --field=versionVerify Fix Applied:
Verify plugin version is 2.0.1 or later in WordPress admin panel📡 Detection & Monitoring
Log Indicators:
- Unusual file deletion events in web server logs
- POST requests to plugin endpoints with '../' patterns
- 404 errors for critical files that should exist
Network Indicators:
- HTTP requests containing path traversal sequences to plugin endpoints
- Unusual file deletion API calls
SIEM Query:
source="web_server" AND (uri="*globe-gateway-e4*" AND (method="POST" OR method="DELETE") AND (uri="*../*" OR uri="*..\\*"))