PT-2024-17663 · WordPress · Minify Html

Pierre Rudloff · Published 2024-12-13 · Updated 2024-12-13 · CVE-2024-12579

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Minify HTML plugin for WordPress, versions up to and including 2.1.10.

Description: The issue is a Regular Expression Denial of Service (ReDoS) vulnerability. It arises because the plugin processes user-supplied input as a regular expression, which allows unauthenticated attackers to create comments that cause catastrophic backtracking and break pages.

Recommendations: For versions up to and including 2.1.10, consider disabling the plugin until a patch is available to prevent exploitation of the ReDoS vulnerability. As a temporary workaround, restrict unauthenticated users' ability to create comments to minimize the risk of exploitation.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers: CVE-2024-12579

Affected Products: Minify Html