CVE-2018-1000090

Name of the Vulnerable Software and Affected Versions: Textpattern version 4.6.2

Description: The issue is related to an XML Injection vulnerability in the Import XML feature, which can lead to a Denial of Service (DoS) by exhausting the server's memory resources. This can be exploited by uploading a specially crafted XML file.

Recommendations: For Textpattern version 4.6.2, consider disabling the Import XML feature until a patch is available to prevent potential exploitation. Restrict access to the Import XML functionality to minimize the risk of a Denial of Service attack.