Description
WordPress Plugin Synchi is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin Synchi version 5.1 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Limit Attempts by BestWebSoft SQL Injection (1.1.0)
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2)
PHP Other Vulnerability (CVE-2007-2511)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5731)
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10188)