CVE-2018-6389

CVE: CVE-2018-6389
Published: 2018-02-06T17:29Z
Vendor: wordpress
Products: wordpress
Versions: 4.9.2,
Description Language: en
Description: In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
References:
http://www.securityfocus.com/bid/103060
http://www.securitytracker.com/id/1040347
https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
https://github.com/UltimateHackers/Shiva
https://github.com/WazeHell/CVE-2018-6389
https://thehackernews.com/2018/02/wordpress-dos-exploit.html
https://wpvulndb.com/vulnerabilities/9021
https://www.exploit-db.com/exploits/43968/