Phat Do

**Name of the Vulnerable Software and Affected Versions** Groundhogg plugin for WordPress versions up to, and including, 4.1.1.2 **Description** The Groundhogg plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the `process export delete` and `process import delete` functions. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted, such as `wp-config.php`. **Recommendations** For Groundhogg plugin for WordPress versions up to, and including, 4.1.1.2, update to a version higher than 4.1.1.2 to resolve the issue. As a temporary workaround, consider disabling the `process export delete` and `process import delete` functions until a patch is available. Restrict access to sensitive files on the server to minimize the risk of exploitation.