QwikSec

Security Database

CVE

CWE

Training

CVE-2018-6389

Published: Feb 6, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

https://wpvulndb.com/vulnerabilities/9021

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

https://thehackernews.com/2018/02/wordpress-dos-exploit.html

x_refsource_MISC

https://github.com/WazeHell/CVE-2018-6389

x_refsource_MISC

https://github.com/UltimateHackers/Shiva

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.