CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE.md
README.md
wordpress-cve-2018-6389.py

README.md

WordPress-CVE-2018-6389

WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4

Date: 05/02/2018

Software Link: WordPress

Version: <= 4.9.4

Tested on: KaLi Linux 2018.1

CVE: CVE-2018-6389

Discovered by: Barak Tawily

Exploit by: Javier Olmedo

HOW TO USE?

Clone this repository

git clone https://github.com/JJavierOlmedo/wordpress-cve-2018-6389.git

Go to local repository

cd wordpress-cve-2018-6389

Change the access permissions

sudo chmod +x wordpress-cve-2018-6389.py

Launch attack!!

python3 wordpress-cve-2018-6389.py -u <TARGET> -t <THREADS>

PoC

cve-2018-6389