Description

WordPress Plugin Simple Ads Manager is prone to a Denial of Service vulnerability. Exploiting this issue may allow an attacker to cause the affected website to consume memory and CPU resources, thus denying service to legitimate users. WordPress Plugin Simple Ads Manager version 2.9.3.114 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.9.4.116 or latest

References

http://www.openwall.com/lists/oss-security/2015/07/02/4

http://seclists.org/oss-sec/2015/q3/13

Related Vulnerabilities

Atlassian Confluence Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21673)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-45474)

Moodle 7PK - Security Features Vulnerability (CVE-2015-5331)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Security Bypass (3.8.1.2)

WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Security Bypass (4.9.3)

Severity

High

Classification

CWE-400 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Tags

Missing Update Denial Of Service