CVE-2024-35539

Name of the Vulnerable Software and Affected Versions Typecho version 1.3.0

Description A race condition issue was found in the post commenting function, allowing attackers to post multiple comments before spam protection checks are applied, particularly if comments are posted at a high frequency.

Recommendations For Typecho version 1.3.0, as a temporary workaround, consider disabling the post commenting function until a patch is available. Restrict access to the commenting module to minimize the risk of exploitation. Avoid using the commenting feature in rapid succession to reduce the likelihood of bypassing spam protection checks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.