cve/2018/CVE-2018-6389.md
2024-06-09 00:33:16 +00:00

7.0 KiB

CVE-2018-6389

Description

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.

POC

Reference

Github