CVE-2024-6434

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-1333
View all →

Vulnerability Description

The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 4.10.35. This is due to processing user-supplied input as a regular expression. This makes it possible for authenticated attackers, with Author-level access and above, to create and query a malicious post title, resulting in slowing server resources.

Related Vulnerabilities

CVE-2022-2908

MEDIUM
CVSS:4.3(Medium)

A potential DoS vulnerability was discovered in Gitlab CE/EE versions starting from 10.7 before 15.1.5, all versions starting from 15.2 before 15.2.3, all versions starting from 15.3 before 15.3.1 all...

CWE-13332022

CVE-2025-1194

MEDIUM
CVSS:4.3(Medium)

A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file `tokenization_gpt_neox_japanese.py` of the GPT-NeoX-Japane...

CWE-13332025

CVE-2024-9506

LOW
CVSS:3.7(Low)

Improper regular expression in Vue's parseHTML function leads to a potential regular expression denial of service vulnerability.

CWE-13332024

CVE-2022-34402

MEDIUM
CVSS:4.9(Medium)

Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An admin privilege attacker could potentially exploit this vulnerability, leading to denial-of-service.

CWE-13332022

CVE-2024-39317

MEDIUM
CVSS:4.9(Medium)

Wagtail is an open source content management system built on Django. A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to pars...

CWE-13332024

CVE-2024-9277

MEDIUM
CVSS:3.5(Low)

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of th...

CWE-13332024