vendor:
WordPress
by:
Exploit Database
6.1
CVSS
MEDIUM
Denial of Service
20
CWE
Product Name: WordPress
Affected Version From: WordPress versions prior to 5.5.3
Affected Version To: WordPress versions prior to 5.5.3
Patch Exists: YES
Related CWE: CVE-2020-13662
CPE: a:wordpress:wordpress
Other Scripts:
N/A
Platforms Tested: None
2020
WordPress load-scripts.php Remote Denial of Service Vulnerability
A vulnerability in WordPress allows an attacker to send a specially crafted request to the load-scripts.php file, which can cause a denial of service. The vulnerability is caused by the lack of proper validation of the 'load' parameter, which can be exploited to cause a denial of service. The vulnerability is present in WordPress versions prior to 5.5.3.
Mitigation:
Upgrade to WordPress version 5.5.3 or later.