CVE-2013-2173

Published: Jun 21, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://vndh.net/note:wordpress-351-denial-service

x_refsource_MISC

http://wordpress.org/news/2013/06/wordpress-3-5-2/

x_refsource_CONFIRM

DSA-2718

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20130612 Re: CVE request: WordPress 3.5.1 denial of service vulnerability

mailing-list

x_refsource_MLIST

20130613 Re: WordPress 3.5.1, Denial of Service

mailing-list

x_refsource_BUGTRAQ

http://codex.wordpress.org/Version_3.5.2

x_refsource_CONFIRM

https://github.com/wpscanteam/wpscan/issues/219

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-2173

Description

Affected Products

References