Lucene search

K
patchstackDrupal security teamPATCHSTACK:075D41FDD591A35C4EF184FCB92E82B4
HistoryAug 15, 2014 - 12:00 a.m.

WordPress <= 3.9.1 - Denial Of Service Attacks #1

2014-08-1500:00:00
Drupal security team
patchstack.com
9

0.929 High

EPSS

Percentile

99.0%

The Incutio XML-RPC (IXR) Library, that is used in WordPress 3.9.1, does not limit the number of elements in an XML document. In that way the attackers can cause a denial of service attacks via a large document.

Related records:

http://db.threatpress.com/vulnerability/wordpress/wordpress-3-9-1-denial-of-service-attacks-2

Solution

           Update WordPress. 
CPENameOperatorVersion
wordpressle3.9.1

0.929 High

EPSS

Percentile

99.0%