Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress ‘make_clickable’函数拒绝服务漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 3.1.1之前版本中的wp-includes/formatting.php中的make_clickable函数中存在漏洞,该漏洞源于URLs传递到PCRE库之前未经正确检查。远程攻击者可利用该漏洞通过特制的URL触发多递归调用评论,导致拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A