{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T04:24:34.107","vulnerabilities":[{"cve":{"id":"CVE-2024-12579","sourceIdentifier":"security@wordfence.com","published":"2024-12-13T05:15:07.473","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression.  This makes it possible for unauthenticated attackers to create comments that can cause catastrophic backtracking and break pages."},{"lang":"es","value":"El complemento Minify HTML para WordPress es vulnerable a la denegación de servicio por expresión regular (ReDoS) en todas las versiones hasta la 2.1.10 incluida. Esto se debe al procesamiento de la entrada proporcionada por el usuario como una expresión regular. Esto hace posible que atacantes no autenticados creen comentarios que pueden causar retrocesos catastróficos y romper páginas."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3203890/minify-html-markup","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/80334e81-c33d-464c-9409-f49c34681890?source=cve","source":"security@wordfence.com"}]}}]}