Description
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
Remediation
References
Related Vulnerabilities
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9858)
WordPress Plugin EditorMonkey Remote File Upload (2.5)
WordPress Plugin Under Construction Unspecified Vulnerability (3.25)
WordPress Plugin WP Lead Management Cross-Site Scripting (3.0.0)
WordPress Plugin FeedWordPress Cross-Site Scripting (2014.0805)