Description
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress+Microsoft Office 365/Azure AD-LOGIN Cross-Site Scripting (15.3)
WordPress Plugin Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)
WordPress Plugin YouTube Embed Cross-Site Scripting (5.0.1)
WordPress Plugin Booking.com Product Helper Unspecified Vulnerability (1.0.3)