Description
WordPress Plugin Crayon Syntax Highlighter is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently overwrite base themes with arbitrary CSS, which may lead to possible defacement of a website. WordPress Plugin Crayon Syntax Highlighter version 2.6.10 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.0 or latest
References
Related Vulnerabilities
WordPress 5.6.x Prototype Pollution (5.6 - 5.6.7)
WordPress Plugin Affiliate Press Multiple Cross-Site Scripting Vulnerabilities (0.3.8)
MySQL CVE-2016-0598 Vulnerability (CVE-2016-0598)
MySQL CVE-2022-21264 Vulnerability (CVE-2022-21264)
WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.98)