WordPress Plugin WP-Syntax Remote PHP Code Execution (0.9.9)

Description
  • WordPress Plugin WP-Syntax is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. WordPress Plugin WP-Syntax versions 0.9.9 and prior are affected.
Remediation
  • Update to plugin version 0.9.10 or latest
References