Wordpress Threats

DoS vulnerability in WordPress allows you to “drop” almost any site, and there is no patch for it

Tom Grant
Last updated: 10 October

Independent Israeli information security specialist Barak Tawily discovered and described in detail on his blog a critical DoS vulnerability in the WordPress CMS. The bug has received the ID CVE-2018-6389 and affects all versions of WordPress released in the last nine years (including the latest release, 4.9.2). In his article, the specialist explains that the problem lies in the operation of load-scripts.php, which is used to process user requests. load-scripts.php was originally created for the convenience of site administrators, so that they could improve the performance of their sites by concatenating several JavaScript files into one. At the same time, the WordPress developers did not consider it necessary to protect this functionality with any kind of authentication, so the script works without a login. In fact, load-scripts.php is available to anyone.

Depending on the installed modules and plugins, load-scripts.php selectively loads various JavaScript files whose names are listed, separated by commas, in the “load” parameter. That is, the URL looks like this: https://your-wordpress-site.com/wp-admin/load-scripts.php?c=1&load=editor,common,user-profile,media-widgets,media-gallery

So, while the site is loading, load-scripts.php tries to find each of the JavaScript files listed in the URL in order to “give” them to the user's browser as a single file. Tawily discovered that an attacker could force load-scripts.php to load every possible JavaScript file at once simply by listing them all in the URL. As a result, the attacked site starts to work much slower, absorbing more and more server resources. Of course, a single such request will not let an attacker provoke a denial of service, but the researcher created a proof-of-concept exploit: a simple doser.py script written in Python, which sends many such requests to the target URL. After about 500 requests, an average site running on a VPS stops responding at all, “giving” only errors 502, 503 and 504.

The specialist notes that from a single computer it is unlikely to be possible to “take down” a WordPress site hosted on a powerful, dedicated server; however, if the attacker has a wide channel or several bots at his disposal, the attack will work against such a resource too, and it will turn out to be less costly for the attacker than a regular DDoS.

A video demonstration of the attack can be seen below.

Although DoS vulnerabilities are not covered by the WordPress bug bounty program, Tawily still reported the problem to the developers through the HackerOne platform. Unfortunately, the creators of WordPress did not consider the discovered vulnerability serious enough and said that such problems need to be addressed at the server or network level, not at the application level. That is, there is no patch for this bug. In response, Barak Tawily published his own fork of WordPress on GitHub in which the vulnerability is fixed. The researcher also published a bash script that allows you to fix the problem in existing WordPress installations. Source: xaker.ru
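Since WordPress left mitigation to the server or network layer, one defensive step is to spot the request shape described above in the web server's access log: load-scripts.php calls whose “load” parameter carries far more handles than any admin page needs, repeated from one client. The following is an added example, not code from the article, from Tawily or from WordPress; the log lines, the placeholder handle names and the two thresholds are constructed assumptions.

```python
"""Flag load-scripts.php requests bundling an abnormal number of script handles
(the CVE-2018-6389 request shape). Added example; log lines and thresholds are constructed."""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Combined-log-format prefix: client, identity, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)
MAX_HANDLES = 20  # assumed threshold; a normal admin page bundles a handful of handles
MAX_PER_IP = 3    # assumed threshold; repeated oversized requests from one client

# Constructed sample lines (RFC 5737 addresses). "handle0..handle59" stands in
# for a long handle list; no real WordPress handle list is reproduced here.
_BIG = ",".join(f"handle{i}" for i in range(60))
SAMPLE_LOG = "\n".join([
    '203.0.113.5 - - [10/Oct/2022:12:00:01 +0000] "GET /wp-admin/load-scripts.php'
    '?c=1&load=editor,common,user-profile HTTP/1.1" 200 51234 "-" "Mozilla/5.0"',
    *[f'198.51.100.7 - - [10/Oct/2022:12:00:0{i} +0000] "GET /wp-admin/load-scripts.php'
      f'?c=1&load={_BIG} HTTP/1.1" {status} 0 "-" "Mozilla/5.0"'
      for i, status in ((2, 200), (2, 200), (3, 503))],
    '203.0.113.9 - - [10/Oct/2022:12:00:03 +0000] "GET /index.php HTTP/1.1" 200 4321 "-" "Mozilla/5.0"',
])

def count_handles(path):
    """Number of comma-separated handles in load=, or 0 if not a load-scripts.php request."""
    parts = urlsplit(path)
    if not parts.path.endswith("/load-scripts.php"):
        return 0
    load = parse_qs(parts.query).get("load", [""])[0]
    return sum(1 for h in load.split(",") if h)

def analyze(log_text, max_handles=MAX_HANDLES, max_per_ip=MAX_PER_IP):
    """Return (flagged, abusive): oversized requests as (ip, handles, status),
    and the sorted client addresses that sent at least max_per_ip of them."""
    flagged, per_ip = [], defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        n = count_handles(m["path"])
        if n > max_handles:
            flagged.append((m["ip"], n, int(m["status"])))
            per_ip[m["ip"]] += 1
    abusive = sorted(ip for ip, c in per_ip.items() if c >= max_per_ip)
    return flagged, abusive
```

Running `analyze(SAMPLE_LOG)` on the constructed lines flags the three 60-handle requests and names 198.51.100.7 as the only client over the per-IP threshold; the 503 on the last line is the symptom the article describes.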

TAGGED: Authentication, DoS, PoC, Security, Vulnerabilities, WordPress
Tom Grant October 10, 2022 October 31, 2021