Slide 19
Denial of Service (DoS)
CVE-2018-6389
WordPress lets users load multiple JS and CSS files at once through load-scripts.php.
For example, given https://example.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery-ui-core,editor&ver=4.9.1,
load-scripts.php loads the jquery-ui-core and editor files automatically and returns
their contents.
However, the number and size of files are not restricted when loading JS files, so
attackers can use this function to deplete server resources and launch denial-of-service attacks.
For example, the payload below causes 4.11 Mb of data to be transferred between the
server and the user. If the attacker sends 10,000 requests, that results in
41100 Mb (42Gb) being transferred from the server to the user, which would cause a
denial of service on the server.
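One way to spot this pattern in web server access logs, as an added example that is not part of the original slides: it counts the handles in the load[] parameter of each load-scripts.php request and totals the response bytes per client. The threshold, the log format (combined log format) and the sample lines are assumptions made for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

MAX_HANDLES = 20  # assumed threshold; tune against your own admin traffic

# Combined-log-format fields we need: client IP, request target, response size.
LOG_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" \d{3} (\d+|-)')

def count_handles(target):
    """Return the number of handles requested via load[]; None for other paths."""
    parts = urlsplit(target)
    if not parts.path.endswith("/load-scripts.php"):
        return None
    total = 0
    # parse_qsl percent-decodes keys, so load%5B%5D arrives as "load[]".
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key == "load" or key.startswith("load["):
            total += sum(1 for h in value.split(",") if h)
    return total

def summarize(log_text, max_handles=MAX_HANDLES):
    """Map client IP -> (oversized request count, total response bytes)."""
    stats = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, target, size = m.groups()
        n = count_handles(target)
        if n is not None and n > max_handles:
            stats[ip][0] += 1
            stats[ip][1] += 0 if size == "-" else int(size)
    return {ip: tuple(v) for ip, v in stats.items()}

# Constructed sample lines (documentation IPs, placeholder handle names).
_many = ",".join(f"handle{i}" for i in range(180))
SAMPLE_LOG = "\n".join([
    '203.0.113.5 - - [01/Mar/2018:10:00:01 +0000] "GET /wp-admin/load-scripts.php'
    '?c=1&load%5B%5D=jquery-ui-core,editor&ver=4.9.1 HTTP/1.1" 200 51234',
    f'198.51.100.7 - - [01/Mar/2018:10:00:02 +0000] "GET /wp-admin/load-scripts.php'
    f'?c=1&load%5B%5D={_many}&ver=4.9.1 HTTP/1.1" 200 4110000',
    f'198.51.100.7 - - [01/Mar/2018:10:00:03 +0000] "GET /wp-admin/load-scripts.php'
    f'?c=1&load%5B%5D={_many}&ver=4.9.1 HTTP/1.1" 200 4110000',
])

if __name__ == "__main__":
    for ip, (count, size) in summarize(SAMPLE_LOG).items():
        print(f"{ip}: {count} oversized load-scripts.php requests, {size} bytes sent")
```

Clients that show many oversized requests and a large byte total in a short window are candidates for rate limiting or for restricting access to wp-admin.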