wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Wordpress |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DSA |
DSA-2718-1 | wordpress security update |
 EUVD |
EUVD-2013-2132 | wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T15:27:41.088Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2173
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2013-06-21T13:57:25.497
Modified: 2025-04-11T00:51:21.963
Link: CVE-2013-2173
Redhat
No data.
OpenCVE Enrichment
No data.