Description
WordPress Plugin Crayon Syntax Highlighter is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently overwrite base themes with arbitrary CSS, which may lead to possible defacement of a website. WordPress Plugin Crayon Syntax Highlighter version 2.6.10 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.0 or latest
References
Related Vulnerabilities
Magento CVE-2019-8136 Vulnerability (CVE-2019-8136)
WordPress Plugin Hana Flv Player Cross-Site Scripting (3.1.3)
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Cross-Site Scripting (1.1.1.11)