CVE-2013-2173

EPSS 1.7%

wordpress - several

Published: 6/21/2013Modified: 5/27/2026

Also known as:DEBIAN-CVE-2013-2173

Description

wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.

Affected packages (2)

Debian/wordpressfrom 0, < 3.5.2+dfsg-1
Debian/wordpressfrom 0, < 3.5.2+dfsg-1~deb6u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2173