CVE-2018-6389 Wordpress Exploit¶

CVE-2018-6389 Exploit Can Down Any Wordpress site under 4.9.3
The flaw affects the load-scripts.php WordPress script, it receives a parameter called load[]

About PoC¶

A simple Script In Python With threading could allow anyone to take down most WordPress websites with single machine

脚本github获取

Info¶

Can Down Any Website with Tested Wordpress versions
* Tested : WordPress (Version 4.9.2) * Tested : WordPress (Version 4.9.1)

Note : I Am Not The Author Of the Exploit 

Ref¶

• PoC - Youtube
• Barak Tawily - Blog