
New WordPress Vulnerability - DoS Attack Possible

A fresh vulnerability in WordPress makes it possible to conduct a DoS attack on a blog through the wp-trackback.php file.

To fix this vulnerability, add the following code to the functions.php file located in the blog's template folder:


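function ft_stop_trackback_dos_attacks(){
    // $pagenow holds the name of the script handling the current request.
    global $pagenow;
    if ( 'wp-trackback.php' == $pagenow ){
        // DoS attack fix: drop the request when the charset field is longer than 50 bytes.
        if ( isset($_POST['charset']) ){
            $charset = $_POST['charset'];
            if ( strlen($charset) > 50 ) { die; }
        }
    }
}
// Run the check on 'init', before the trackback itself is processed.
add_action('init','ft_stop_trackback_dos_attacks');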
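
A stricter variant of the check above, added here as an example and not part of the original post or of WordPress: it also rejects values that are not strings and characters that do not belong in a charset name. The function names and the character allowlist are assumptions; the 50-byte limit is the post's.

```php
<?php
// Added example, not from the original post. Function names are hypothetical.

/**
 * Return true only for a value that looks like a single charset name:
 * a string of at most 50 bytes made of letters, digits, '-', '_', '.', ':'.
 * The 50-byte limit is the post's; the character allowlist is an assumption.
 */
function ft_charset_is_acceptable( $charset ) {
    if ( ! is_string( $charset ) ) {
        return false; // e.g. charset[]=x arrives as an array, which strlen() cannot measure
    }
    if ( '' === $charset ) {
        return true;  // the field is optional; an empty value is harmless
    }
    if ( strlen( $charset ) > 50 ) {
        return false;
    }
    return 1 === preg_match( '/^[A-Za-z0-9._:-]+$/D', $charset );
}

function ft_reject_bad_trackback_charset() {
    global $pagenow;
    if ( 'wp-trackback.php' !== $pagenow || ! isset( $_POST['charset'] ) ) {
        return;
    }
    if ( ! ft_charset_is_acceptable( $_POST['charset'] ) ) {
        status_header( 400 ); // answer with an explicit error instead of a bare die
        exit;
    }
}

if ( function_exists( 'add_action' ) ) {
    // Inside WordPress (functions.php): register the check.
    add_action( 'init', 'ft_reject_bad_trackback_charset' );
} else {
    // Outside WordPress (php file.php): run the validator on constructed inputs.
    $samples = array( 'UTF-8', 'ISO-8859-1', '', str_repeat( 'A', 51 ), 'UTF-8;x', array( 'x' ) );
    foreach ( $samples as $s ) {
        $verdict = ft_charset_is_acceptable( $s ) ? 'accept' : 'reject';
        echo var_export( $s, true ), ' => ', $verdict, "\n";
    }
}
```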


If you lack the ability or knowledge to add this code to your blog, download and install the plugin that fixes this vulnerability.

Exploit for the vulnerability: jarraltech.com/2009/10/new-0-day-wordpress-exploit
Source: blogproblog.com/wp-trackback_dos_attack

Source: https://habr.com/ru/post/72911/

