CVE-2021-25121

🗓️ 20 Jun 2022 10:25:43Reported by WPScanType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 66 Views🌐 WEB

The Rating by BestWebSoft WordPress plugin before 1.6 allows submission of long integer, causing Denial of Service

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress plugin Rating by BestWebSoft 数字错误漏洞	20 Jun 202200:00	–	cnnvd
CNVD	WordPress BestWebSoft plugin denial of service vulnerability	22 Jun 202200:00	–	cnvd
Cvelist	CVE-2021-25121 Rating by BestWebSoft < 1.6 - Rating Denial of Service	20 Jun 202210:25	–	cvelist
EUVD	EUVD-2021-12033	7 Oct 202500:30	–	euvd
NVD	CVE-2021-25121	20 Jun 202211:15	–	nvd
Patchstack	WordPress Rating by BestWebSoft plugin <= 1.5 - Rating Denial of Service (DoS) vulnerability	24 May 202200:00	–	patchstack
Prion	Design/Logic Flaw	20 Jun 202211:15	–	prion
Positive Technologies	PT-2022-9675 · Bestwebsoft · Rating By Bestwebsoft Wordpress Plugin	20 Jun 202200:00	–	ptsecurity
RedhatCVE	CVE-2021-25121	22 May 202519:25	–	redhatcve
wpexploit	Rating by BestWebSoft < 1.6 - Rating Denial of Service	24 May 202200:00	–	wpexploit

NVD

Vulners

Node

bestwebsoft ratingRange<1.6wordpress

[
  {
    "product": "Rating by BestWebSoft",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.6",
        "status": "affected",
        "version": "1.6",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/efb1ddef-2123-416c-a932-856d41ed836d

Parameter	Position	Path	Description	CWE
rtng_rating[0]	request body	wp-comments-post.php	Submission of a very large rating value leads to Denial of Service in the post/page via the rating parameter in the comment form.	CWE-191

21 Nov 2024 05:54Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24

CVSS 3.16.5

EPSS0.00476

CWE-191