Description
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.
Remediation
References
Related Vulnerabilities
WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)
WordPress Plugin MP3-jPlayer Multiple Cross-Site Request Forgery Vulnerabilities (2.7.3)
WordPress Plugin Share Buttons Cross-Site Scripting (1.3.1)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.8.4)