CVE-2018-6389

Severity CVSS v4.0:
Pending analysis
Type:
CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
06/02/2018
Last modified:
01/03/2019

Description

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* 4.9.2 (including)