CVE-2024-12601
CVE-2024-12601
Título es
CVE-2024-12601
Mar, 17/12/2024 – 12:15
Tipo
CWE-400
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-12601
Descripción en
The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 5.2.63. This is due to unlimited height and width parameters for CAPTCHA images. This makes it possible for unauthenticated attackers to send multiple requests with large values, resulting in slowing server resources if the server does not mitigate Denial of Service attacks.
17/12/2024
17/12/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Gravedad 3.1 (CVSS 3.1 Base Score)
5.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
