Description
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
Remediation
References
Related Vulnerabilities
WordPress Plugin Login Logout Menu Multiple Cross-Site Scripting Vulnerabilities (1.3.3)
WordPress Plugin Calendar Cross-Site Request Forgery (1.3.2)
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Arbitrary File Upload (2.0)
Python CVE-2013-1753 Vulnerability (CVE-2013-1753)
WordPress Plugin Swift Landing Page Cross-Site Request Forgery (1.1)