http:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/2018\/02\/10\/unpatched-dos-flaw-could-help-anyone-take-down-wordpress-websites\/<\/a><\/p>\n The article here talks about how a single application level DoS (Denial of Service) has been found in WordPress sites that could potentially allow anyone to take down the website with just a single machine, something which was only possible in network level DDoS. The company has yet to patch the systems and most probably all the WordPress releases in the last 9 years are subjected to this attack. As per the article, the vulnerability was \u2018Discovered by Israeli security researcher\u00a0Barak Tawily<\/a>, the vulnerability resides in the way “load-scripts.php,” a built-in script in WordPress CMS, processes user-defined requests.\u2019 It is surprising because the load-scripts.php file essentially is used by system administrators to improve performance of the systems.<\/p>\n Lack of authentication in the home page has caused the load-scripts.php to be executed by anyone. All one needs to do is to call the php file to load all the JavaScript files by passing them into the URL<\/p>\n","protected":false},"excerpt":{"rendered":" Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites http:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/2018\/02\/10\/unpatched-dos-flaw-could-help-anyone-take-down-wordpress-websites\/ The article here talks about how a single application level DoS (Denial of Service) has been found in WordPress sites that could potentially allow anyone to take down the website with just a single machine, something which was only possible in network level DDoS. […]<\/p>\n","protected":false},"author":5588,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[714426],"tags":[],"class_list":{"0":"post-3886","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-01-it-governance","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/posts\/3886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/users\/5588"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/comments?post=3886"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/posts\/3886\/revisions"}],"predecessor-version":[{"id":3887,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/posts\/3886\/revisions\/3887"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/media?parent=3886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/categories?post=3886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5212sec001sec701sp2018\/wp-json\/wp\/v2\/tags?post=3886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}