Description

wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.

Remediation

References

CVE-2013-2173

Related Vulnerabilities

Oracle JRE CVE-2012-0503 Vulnerability (CVE-2012-0503)

Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-11985)

MySQL Other Vulnerability (CVE-2001-1275)

WordPress Plugin Ocean Extra PHP Object Injection (2.0.4)

Oracle Application Server CVE-2007-0280 Vulnerability (CVE-2007-0280)

Severity

Medium

Classification

CVE-2013-2173

Tags

Missing Update Known Vulnerabilities