CVE-2022-47167

WordPress Crayon Syntax Highlighter Plugin <= 2.8.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions.

We have discovered 22 live websites that are affected by CVE-2022-47167.

Affected Software


Product	Crayon Syntax Highlighter
Category	Wordpress Plugins
Vulnerable Versions	from 0 through 2.8.4
Total Vulnerable Versions	7
Vulnerable Domains	22 live websites (100.00% of Crayon Syntax Highlighter install base)

Common Weakness Enumeration

CWE-352 Cross-Site Request Forgery (CSRF)

Available Reports

Website List

Details

Published - May 22, 2023
Updated - May 22, 2023

Credits

Lana Codes (Patchstack Alliance) (finder)

CWE

CWE-352

CVE References

CWE References

cwe.mitre.org

Countries

United States	7 websites

Germany	3 websites
China	2 websites
GB	2 websites
Spain	1 websites
France	1 websites
Indonesia	1 websites
Japan	1 websites
Korea, South	1 websites
Netherlands	1 websites

TLDs

.com	12 websites
.net	3 websites
.org	2 websites
.com.cn	1 websites
.es	1 websites
.fr	1 websites
.nl	1 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

References

https://patchstack.com/database/vulnerability/crayon-syntax-highlighter/wordpress-crayon-syntax-highlighter-plugin-2-8-4-cross-site-request-forgery-csrf?_s_id=cve

Websites affected by CVE-2022-47167

Top websites that are affected by CVE-2022-47167. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*.*****.net	Germany	*,*
**************.com	United States	*,*
******************.com	United States	*,*
*.****.org	GB	,,*
**.************.com	Germany	,,*
*****************.com	United States	,,*
******.org	Ukraine	,,*
*.*****.com	China	,,*
*********.com	Germany	,,*
*******.net	United States	,,*

See full domain list