Description
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sabre 'tools.php' Cross-Site Scripting (1.2.0)
PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)
WordPress Plugin Fancy Product Designer-WooCommerce Cross-Site Request Forgery (4.7.5)
Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6065)
Drupal Files or Directories Accessible to External Parties Vulnerability (CVE-2017-6922)