Description
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
Remediation
References
Related Vulnerabilities
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2047)
Oracle Application Server Other Vulnerability (CVE-2002-0566)
WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
WordPress Plugin Pay Per Media Player Multiple Cross-Site Scripting Vulnerabilities (1.24)
IBM RTC Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-4974)