Описание
The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.13.5 (исключая)
cpe:2.3:a:klarna:klarna_checkout_for_woocommerce:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 42%
0.002
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
10 месяцев назад
The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk.
EPSS
Процентиль: 42%
0.002
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo