Security Advisory

CVE-2024-13925

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-17 06:00:09

Last updated 2025-08-27 12:00:56

Assigner WPScan

State PUBLISHED

Description

The Klarna Checkout for WooCommerce WordPress plugin before 2.13.5 exposes an unauthenticated WooCommerce Ajax endpoint that allows an attacker to flood the log files with data at the maximum size allowed for a POST parameter per request. This can result in rapid consumption of disk space, potentially filling the entire disk.

← Browse all CVEs View on cve.org ↗