WordPress Crayon Syntax Highlighter Plugin ‘wp_load’ Parameter Remote File Include Vulnerabilities
The information has been provided by Charlie Eriksen.
* WordPress Crayon Syntax Highlighter 1.12.1
Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the web server process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
Attackers can use a browser to exploit these issues.
The following example URI is available:
Published: October 15 2012