PT-2021-16358 · WordPress · Reviews Plus
Drew Jones · Published 2021-11-23 · Updated 2022-10-25
CVE-2021-24894
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Reviews Plus WordPress plugin versions prior to 1.2.14
Description:
The plugin accepts a long integer as a rating value. When an authenticated user submits such a rating and reviews are set to be displayed on the post/page, the review section suffers a Denial of Service.
Recommendations:
For versions prior to 1.2.14, update to version 1.2.14 or later to resolve the issue.
Exploit
Fix
DoS
Integer Underflow
RCE
Affected Products
Reviews Plus