CVE-2024-13896
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wp_geshi_filter_replace_code() function, which could lead to Regular Expression Denial of Service (ReDoS) issue
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages | 0 <= 1.4.3 | affected |
Weaknesses
- CWE-1333 Inefficient Regular Expression Complexity
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.