Description
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21313 Vulnerability (CVE-2022-21313)
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)
WordPress Plugin Fetch Tweets Unspecified Vulnerability (1.3.3.6)
CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)