Description
WordPress Plugin Crayon Syntax Highlighter is prone to a local file disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability could allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application; this may aid in further attacks. WordPress Plugin Crayon Syntax Highlighter version 2.6.10 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.0 or latest
References
Related Vulnerabilities
WordPress Plugin Testimonial Slider Cross-Site Scripting (1.2.1)
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)
Python Resource Management Errors Vulnerability (CVE-2013-2099)