Description
WordPress Plugin WP-Syntax is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin WP-Syntax versions 0.9.9 and prior are affected.
Remediation
Update to plugin version 0.9.10 or latest
References
Related Vulnerabilities
WordPress Plugin TinyMCE Color Picker Multiple Vulnerabilities (1.1)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.1.9)
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-10003)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6600)
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)