Description
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sliding Social Icons Cross-Site Request Forgery (1.61)
WordPress Plugin Google Maps by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (1.2.1)
WordPress 4.0.x Cross-Domain Flash Injection Vulnerability (4.0 - 4.0.21)
Oracle Database Server CVE-2007-0268 Vulnerability (CVE-2007-0268)
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)