Description
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Customer Reviews Unspecified Vulnerability (3.0.7)
WordPress 5.3.x Multiple Vulnerabilities (5.3)
WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Request Forgery (4.7.2)
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5542)
WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)