CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13926 – WP-Syntax <= 1.2 - Author+ Potential ReDoS
https://notcve.org/view.php?id=CVE-2024-13926
19 Apr 2025 — The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS. • https://wpscan.com/vulnerability/b5f0092e-7cd5-412f-a8ea-7bd4a8bf86d2 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13896 – WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS
https://notcve.org/view.php?id=CVE-2024-13896
20 Mar 2025 — The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wp_geshi_filter_replace_code() function, which could lead to Regular Expression Denial of Service (ReDoS) issue The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages plugin for WordPress is vulnerable to Regex denial of service in all versions up to, and including, 1.4.3. This is due to the plugin not properly restricting r... • https://wpscan.com/vulnerability/b8b622ea-e090-45ad-8755-b050fc055231 • CWE-400: Uncontrolled Resource Consumption •