cleantalk
Vulnerabilities and Security Researches

WP-Syntax, CVE-2024-13926

CVE, Research URL

CVE-2024-13926

Home page URL

Security reports for WP-Syntax

Application

WP-Syntax

Published on
Apr 19, 2025
Research Description
The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a large number of tags, thereby exploiting a catastrophic backtracking issue in the regular expression processing to cause a DoS.
Affected versions
Min -, max 1.2.
Status
vulnerable
Previous vulnerability researches
Cart tracking for WooCommerce (d666481e974f21c6b520fbaf7e0c7d274c39fb4b) , Jun 07, 2024
Cart tracking for WooCommerce (CVE-2025-30791) , Mar 28, 2025
New vulnerability
WP-Syntax (CVE-2024-13926) , Apr 22, 2025
Simple Sitemap – Create a Responsive HTML Sitemap (CVE-2025-39413) , Apr 22, 2025
WooCommerce Shipping & Tax , Apr 21, 2025
Name Directory (CVE-2025-39454) , Apr 21, 2025
SB Chart block (CVE-2025-3661) , Apr 20, 2025