CVE-2021-24893 Information

Description

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating allowing submission of long integer causing a Denial of Service in the comments section or pending comment dashboard depending if the user sent it as unauthenticated or authenticated.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://wpscan.com/vulnerability/05d3af69-20b4-499a-8322-2b53674d6a58

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5