CVE-2014-9034

Name of the Vulnerable Software and Affected Versions WordPress versions prior to 3.7.5 WordPress versions 3.8.x prior to 3.8.5 WordPress versions 3.9.x prior to 3.9.3 WordPress versions 4.x prior to 4.0.1

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by providing a long password that is not handled properly during the hashing process.

Recommendations For WordPress versions prior to 3.7.5, update to version 3.7.5 or later. For WordPress versions 3.8.x prior to 3.8.5, update to version 3.8.5 or later. For WordPress versions 3.9.x prior to 3.9.3, update to version 3.9.3 or later. For WordPress versions 4.x prior to 4.0.1, update to version 4.0.1 or later.