/wordpress-cve-2018-6389

CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4

Primary LanguagePythonMIT LicenseMIT

WordPress-CVE-2018-6389

WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4

Date: 05/02/2018

Software Link: WordPress

Version: <= 4.9.4

Tested on: KaLi Linux 2018.1

CVE: CVE-2018-6389

Discovered by: Barak Tawily

Exploit by: Javier Olmedo

HOW TO USE?

Clone this repository

git clone https://github.com/JJavierOlmedo/wordpress-cve-2018-6389.git

Go to local repository

cd wordpress-cve-2018-6389

Change the access permissions

sudo chmod +x wordpress-cve-2018-6389.py

Launch attack!!

python3 wordpress-cve-2018-6389.py -u <TARGET> -t <THREADS>

PoC

cve-2018-6389