WordPress Cron Enabled CVE-2023-22622
Risk Information
VPR Risk Factor: Medium Score: 4.3
CVSS v2 Risk Factor: Medium Base Score: 4.6 Vector: CVSS2#AV:A/AC:H/Au:N/C:N/I:N/A:C
CVSS v3 Risk Factor: Medium Base Score: 5.3 Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference Information CVE: CVE-2023-22622 CWE: 400 OWASP: 2013-A9, 2017-A9, 2021-A6 WASC: Denial of Service CAPEC: 147, 197, 492 DISA STIG: APSC-DV-002400, APSC-DV-002630 HIPAA: 164.306(a)(1), 164.306(a)(2) ISO: 27001-A.12.6.1, 27001-A.14.2.5 NIST: sp800_53-CM-6b, sp800_53-SC-5 OWASP API: 2019-API7, 2023-API8 OWASP ASVS: 4.0.2-14.2.1 PCI-DSS: 3.2-2.2, 3.2-6.2
This Python script is a tool designed to send a large number of HTTP requests to a specified URL and handle responses based on their status codes. It uses concurrent execution to speed up the process and efficiently manage response statuses such as throttling and server errors.
- Send HTTP
GETorPOSTrequests to a specified URL. - Handle HTTP status codes like 429 (throttling) and 500 (server error) specifically.
- Utilize multithreading via a thread pool to send requests concurrently.
- Display unique messages only once per type of response status.
- Track and display the total number of requests sent.
Before running this script, make sure you have Python installed on your machine along with the requests library. You can install the necessary library using pip:
pip install requests