Go to add post http://site.com/admin/product/create
click on create new product
There will a option called SKU
Fill the input field with huge characters, (more than 1 lakh)
Copy the below payload and put it in the input fields and click on continue.
You will see the application accepts large characters and if we will increase the characters then it can lead to Dos
Download the payload from here:
https://drive.google.com/file/d/1mQ_RMqcWiKuzRL_sQ0LfeKCboOd3WcYP/view?usp=sharing
Video & Image POC:
https://drive.google.com/drive/folders/1Y4prHy4EWlJBaleOAyeN82lQeb4JaAca?usp=sharing
Patch recommendation:
The post title input should be limited to 500 characters or max 1000 characters.
References
https://vulners.com/cve/CVE-2022-25062
.