Unrated severityNVD Advisory· Published Jun 21, 2013· Updated Jun 16, 2026
CVE-2013-2173
CVE-2013-2173
Description
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:wordpress:wordpress:3.5.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wordpress:wordpress:3.5.1:*:*:*:*:*:*:*
- (no CPE)range: =3.5.1
Patches
Vulnerability mechanics
References
7- vndh.net/note:wordpress-351-denial-servicenvdExploit
- archives.neohapsis.com/archives/bugtraq/2013-06/0052.htmlnvd
- codex.wordpress.org/Version_3.5.2nvd
- openwall.com/lists/oss-security/2013/06/12/2nvd
- wordpress.org/news/2013/06/wordpress-3-5-2/nvd
- www.debian.org/security/2013/dsa-2718nvd
- github.com/wpscanteam/wpscan/issues/219nvd
News mentions
0No linked articles in our index yet.