Описание
The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page
Ссылки
- PatchThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.14 (исключая)
cpe:2.3:a:implecode:reviews_plus:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 65%
0.00485
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-191
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
около 4 лет назад
The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated user submit such rating and the reviews are set to be displayed on the post/page
EPSS
Процентиль: 65%
0.00485
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-191
CWE-20