Description
Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sexy Add Template Cross-Site Request Forgery (1.0)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (6.1.6)
Moodle CVE-2021-36403 Vulnerability (CVE-2021-36403)
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9455)
WordPress 2.0.3 Multiple Unspecified Security Vulnerabilities (2.0 - 2.0.3)