PT-2022-9675 · Bestwebsoft · Rating By Bestwebsoft Wordpress Plugin
Drew Jones · Published 2022-06-20 · Updated 2022-11-05 · CVE-2021-25121
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
The Rating by BestWebSoft WordPress plugin versions prior to 1.6
Description
The plugin does not validate the submitted rating, so a long integer can be submitted as a rating. Submitting such a rating causes a Denial of Service on the affected post/page.
Recommendations
For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider implementing input validation for ratings to prevent the submission of long integers.
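One way to implement the temporary input-validation workaround described above, as an added example that is not the plugin's or the vendor's code. It assumes whole-star ratings from 1 to 5 submitted as a POST field; the field name `example_rating_field` and the function `validate_rating` are hypothetical placeholders, since the page does not name the real parameter.

```php
<?php
// Added example: strict rating validation. Assumptions (not from the plugin):
// whole-star ratings 1..5, sent as a POST field with the placeholder name below.
const RATING_MIN   = 1;
const RATING_MAX   = 5;
const RATING_FIELD = 'example_rating_field'; // hypothetical placeholder

/** Returns the rating as an int, or null when the raw value is unacceptable. */
function validate_rating($raw): ?int
{
    // Reject arrays (field[]=1) and other non-scalar input outright.
    if (!is_string($raw) && !is_int($raw)) {
        return null;
    }
    $s = (string) $raw;

    // Check shape and length BEFORE any numeric cast. A cast of an over-long
    // digit string does not fail, it silently yields some other integer, and
    // is_numeric() would also accept forms such as "1e9", "5.0" or "-3".
    $maxDigits = strlen((string) RATING_MAX);
    if (preg_match('/\A[0-9]{1,' . $maxDigits . '}\z/', $s) !== 1) {
        return null;
    }

    $n = (int) $s;
    return ($n >= RATING_MIN && $n <= RATING_MAX) ? $n : null;
}

if (function_exists('add_action')) {
    // WordPress wiring, e.g. from a must-use plugin: refuse the request early
    // when the rating field is present but invalid.
    add_action('init', function () {
        if (isset($_POST[RATING_FIELD])
            && validate_rating(wp_unslash($_POST[RATING_FIELD])) === null) {
            wp_die('Invalid rating.', 'Bad Request', ['response' => 400]);
        }
    }, 0);
} else {
    // Stand-alone run (php file.php) over constructed sample inputs.
    $samples = ['3', '5', '0', '6', '-1', '1e9', '5.0', ' 4', str_repeat('9', 40), ['1']];
    foreach ($samples as $in) {
        echo var_export($in, true), ' => ', var_export(validate_rating($in), true), "\n";
    }
}
```

Run outside WordPress, only `'3'` and `'5'` from the constructed samples come back as integers; every other input, including the 40-digit string, returns `NULL`.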
Exploit
Fix
DoS
Integer Underflow
Affected Products
Rating By Bestwebsoft Wordpress Plugin