ГлавнаяУязвимости → CVE-2024-13925
7.5высокая

CVE-2024-13925

Описание

The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk.

Затрагиваемое ПО
Klarna Klarna checkout for woocommerce
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://wpscan.com/vulnerability/6aebb52f-d74a-4043-86c4-c24579f24ef4/