High severity7.5OSV Advisory· Published Feb 6, 2018· Updated Jun 17, 2026
CVE-2018-6389
CVE-2018-6389
Description
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24.9.2+ 1 more
- (no CPE)range: 4.9.2
- (no CPE)range: <=4.9.2
Patches
Vulnerability mechanics
References
6- baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.htmlnvdExploitIssue TrackingThird Party Advisory
- thehackernews.com/2018/02/wordpress-dos-exploit.htmlnvdExploitThird Party Advisory
- www.exploit-db.com/exploits/43968/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/103060nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040347nvdThird Party AdvisoryVDB Entry
- wpvulndb.com/vulnerabilities/9021nvdThird Party Advisory
News mentions
0No linked articles in our index yet.