Description
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects MongoDB Server v3.6 versions prior to 3.6.9 and MongoDB Server v4.0 versions prior to 4.0.3.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.3.9)
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
WordPress Plugin Prismatic Multiple Cross-Site Scripting Vulnerabilities (2.7)
WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)