<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 02 Jul 2026 02:47:56 +0000</lastBuildDate>
    <item>
      <title>6e47d1bf-112c-4d60-b5bc-9766807a637e</title>
      <link>https://vulnerability.circl.lu/sighting/6e47d1bf-112c-4d60-b5bc-9766807a637e/export</link>
      <description>{"uuid": "6e47d1bf-112c-4d60-b5bc-9766807a637e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "Telegram/d8wD4nyiI6OV0OXzhOtZYCLbRAqpkWgPekubzfScCoXm1wI", "content": "", "creation_timestamp": "2025-11-13T15:00:08.000000Z"}</description>
      <content:encoded>{"uuid": "6e47d1bf-112c-4d60-b5bc-9766807a637e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "Telegram/d8wD4nyiI6OV0OXzhOtZYCLbRAqpkWgPekubzfScCoXm1wI", "content": "", "creation_timestamp": "2025-11-13T15:00:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6e47d1bf-112c-4d60-b5bc-9766807a637e/export</guid>
      <pubDate>Thu, 13 Nov 2025 15:00:08 +0000</pubDate>
    </item>
    <item>
      <title>6f78fee3-b951-4f4d-a98e-064406cc95ee</title>
      <link>https://vulnerability.circl.lu/sighting/6f78fee3-b951-4f4d-a98e-064406cc95ee/export</link>
      <description>{"uuid": "6f78fee3-b951-4f4d-a98e-064406cc95ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "MISP/86d5e729-7eed-4d44-8dd6-a0944e5371e5", "content": "", "creation_timestamp": "2024-11-14T06:08:22.000000Z"}</description>
      <content:encoded>{"uuid": "6f78fee3-b951-4f4d-a98e-064406cc95ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "MISP/86d5e729-7eed-4d44-8dd6-a0944e5371e5", "content": "", "creation_timestamp": "2024-11-14T06:08:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6f78fee3-b951-4f4d-a98e-064406cc95ee/export</guid>
      <pubDate>Thu, 14 Nov 2024 06:08:22 +0000</pubDate>
    </item>
    <item>
      <title>9c4ce0a2-113b-4728-b388-b940bee7ebf2</title>
      <link>https://vulnerability.circl.lu/sighting/9c4ce0a2-113b-4728-b388-b940bee7ebf2/export</link>
      <description>{"uuid": "9c4ce0a2-113b-4728-b388-b940bee7ebf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/critical_bug/1469", "content": "[\ud83d\udd0d\ud83d\udee1\ufe0f\ud83d\udcbb] \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2018-6389 - \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\n\n\u26a0\ufe0f \u0422\u0438\u043f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: Uncontrolled Resource Consumption\n\ud83d\udcb0 \u0411\u0430\u0443\u043d\u0442\u0438: \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e\n\ud83d\udcc9 \u041a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c: \u043d\u0438\u0437\u043a\u0430\u044f\n\n\ud83d\udd0d \u0410\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b, \u0447\u0442\u043e \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 .js \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0438\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u043a\u0430\u0436\u0434\u044b\u0439 \u0444\u0430\u0439\u043b \u043c\u043d\u043e\u0433\u043e\u043a\u0440\u0430\u0442\u043d\u043e. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a CVE-2018-6389. \u041f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 GET-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a /wp-admin/load-scripts.php \u0441 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438, \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u043e\u0431\u044a\u0435\u043c\u044b \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0412 \u0438\u0442\u043e\u0433\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u0441\u0435\u0440\u0432\u0435\u0440 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 `406 Not Acceptable`.\n\n#ResourceConsumption #Low #SignalSciences\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0440\u0435\u043f\u043e\u0440\u0442\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435", "creation_timestamp": "2024-08-26T11:00:52.000000Z"}</description>
      <content:encoded>{"uuid": "9c4ce0a2-113b-4728-b388-b940bee7ebf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/critical_bug/1469", "content": "[\ud83d\udd0d\ud83d\udee1\ufe0f\ud83d\udcbb] \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2018-6389 - \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\n\n\u26a0\ufe0f \u0422\u0438\u043f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: Uncontrolled Resource Consumption\n\ud83d\udcb0 \u0411\u0430\u0443\u043d\u0442\u0438: \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e\n\ud83d\udcc9 \u041a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c: \u043d\u0438\u0437\u043a\u0430\u044f\n\n\ud83d\udd0d \u0410\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b, \u0447\u0442\u043e \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 .js \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u0435\u0440\u0438\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044e\u0442 \u043a\u0430\u0436\u0434\u044b\u0439 \u0444\u0430\u0439\u043b \u043c\u043d\u043e\u0433\u043e\u043a\u0440\u0430\u0442\u043d\u043e. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043a\u0430\u043a CVE-2018-6389. \u041f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 GET-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a /wp-admin/load-scripts.php \u0441 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438, \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u043e\u0431\u044a\u0435\u043c\u044b \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u0412 \u0438\u0442\u043e\u0433\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430, \u0441\u0435\u0440\u0432\u0435\u0440 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 `406 Not Acceptable`.\n\n#ResourceConsumption #Low #SignalSciences\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0440\u0435\u043f\u043e\u0440\u0442\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435", "creation_timestamp": "2024-08-26T11:00:52.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9c4ce0a2-113b-4728-b388-b940bee7ebf2/export</guid>
      <pubDate>Mon, 26 Aug 2024 11:00:52 +0000</pubDate>
    </item>
    <item>
      <title>7a203446-e5c2-4b09-b6ed-dac11384c89a</title>
      <link>https://vulnerability.circl.lu/sighting/7a203446-e5c2-4b09-b6ed-dac11384c89a/export</link>
      <description>{"uuid": "7a203446-e5c2-4b09-b6ed-dac11384c89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/55", "content": "#exploit\n1. CVE-2018-5758:\nXXE in Jive-n 0-day\nhttps://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-5758\n\n2. CVE-2018-1335:\nCommand Injection in Apache Tika-server\nhttps://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-1335\n\n3. CVE-2018-6389:\nApache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin/load-scripts.php file\nhttps://github.com/yolabingo/wordpress-fix-cve-2018-6389\n\n4. CVE-2018-12613:\nWordpress plugin Site-Editor v1.1.1 - LFI\nhttps://github.com/0x00-0x00/CVE-2018-7422", "creation_timestamp": "2024-06-22T09:28:36.000000Z"}</description>
      <content:encoded>{"uuid": "7a203446-e5c2-4b09-b6ed-dac11384c89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/55", "content": "#exploit\n1. CVE-2018-5758:\nXXE in Jive-n 0-day\nhttps://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-5758\n\n2. CVE-2018-1335:\nCommand Injection in Apache Tika-server\nhttps://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-1335\n\n3. CVE-2018-6389:\nApache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin/load-scripts.php file\nhttps://github.com/yolabingo/wordpress-fix-cve-2018-6389\n\n4. CVE-2018-12613:\nWordpress plugin Site-Editor v1.1.1 - LFI\nhttps://github.com/0x00-0x00/CVE-2018-7422", "creation_timestamp": "2024-06-22T09:28:36.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7a203446-e5c2-4b09-b6ed-dac11384c89a/export</guid>
      <pubDate>Sat, 22 Jun 2024 09:28:36 +0000</pubDate>
    </item>
    <item>
      <title>3ee849ad-c0ef-45f8-93ae-c4c8edc05ae9</title>
      <link>https://vulnerability.circl.lu/sighting/3ee849ad-c0ef-45f8-93ae-c4c8edc05ae9/export</link>
      <description>{"uuid": "3ee849ad-c0ef-45f8-93ae-c4c8edc05ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/151", "content": "CVE ID : CVE-2018-6389\nSystem : WordPress 4.9.2\nType : DOS\n\nExploit \n\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0628\u0641\u062f\u064a\u0648 :\nVideo", "creation_timestamp": "2024-06-02T07:46:18.000000Z"}</description>
      <content:encoded>{"uuid": "3ee849ad-c0ef-45f8-93ae-c4c8edc05ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/151", "content": "CVE ID : CVE-2018-6389\nSystem : WordPress 4.9.2\nType : DOS\n\nExploit \n\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0628\u0641\u062f\u064a\u0648 :\nVideo", "creation_timestamp": "2024-06-02T07:46:18.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3ee849ad-c0ef-45f8-93ae-c4c8edc05ae9/export</guid>
      <pubDate>Sun, 02 Jun 2024 07:46:18 +0000</pubDate>
    </item>
    <item>
      <title>797cea27-e452-4548-9896-389a8953ba71</title>
      <link>https://vulnerability.circl.lu/sighting/797cea27-e452-4548-9896-389a8953ba71/export</link>
      <description>{"uuid": "797cea27-e452-4548-9896-389a8953ba71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/ctinow/184474", "content": "https://ift.tt/aKxsNc9\nPublitas: CVE-2018-6389 exploitation - using scripts loader", "creation_timestamp": "2024-02-14T08:51:19.000000Z"}</description>
      <content:encoded>{"uuid": "797cea27-e452-4548-9896-389a8953ba71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/ctinow/184474", "content": "https://ift.tt/aKxsNc9\nPublitas: CVE-2018-6389 exploitation - using scripts loader", "creation_timestamp": "2024-02-14T08:51:19.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/797cea27-e452-4548-9896-389a8953ba71/export</guid>
      <pubDate>Wed, 14 Feb 2024 08:51:19 +0000</pubDate>
    </item>
    <item>
      <title>82bc97a0-39a2-4e9e-8d26-2ae9f638f7e2</title>
      <link>https://vulnerability.circl.lu/sighting/82bc97a0-39a2-4e9e-8d26-2ae9f638f7e2/export</link>
      <description>{"uuid": "82bc97a0-39a2-4e9e-8d26-2ae9f638f7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/arpsyndicate/1873", "content": "#ExploitObserverAlert\n\nCVE-2018-6389\n\nDESCRIPTION: Exploit Observer has 111 entries related to CVE-2018-6389. In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.\n\nFIRST-EPSS: 0.408310000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T00:42:09.000000Z"}</description>
      <content:encoded>{"uuid": "82bc97a0-39a2-4e9e-8d26-2ae9f638f7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/arpsyndicate/1873", "content": "#ExploitObserverAlert\n\nCVE-2018-6389\n\nDESCRIPTION: Exploit Observer has 111 entries related to CVE-2018-6389. In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.\n\nFIRST-EPSS: 0.408310000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T00:42:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/82bc97a0-39a2-4e9e-8d26-2ae9f638f7e2/export</guid>
      <pubDate>Mon, 18 Dec 2023 00:42:09 +0000</pubDate>
    </item>
    <item>
      <title>0989385a-e466-414e-864a-4448e55f3a68</title>
      <link>https://vulnerability.circl.lu/sighting/0989385a-e466-414e-864a-4448e55f3a68/export</link>
      <description>{"uuid": "0989385a-e466-414e-864a-4448e55f3a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/critical_bug/660", "content": "https://hackerone.com/reports/694467\n\n\u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0440\u0442 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 JS-\u0444\u0430\u0439\u043b\u043e\u0432 \u0438 CSS-\u0444\u0430\u0439\u043b\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u0439\u043b\u044b load-scripts.php, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS). \u0412 \u043e\u0442\u0447\u0451\u0442\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0435\u0442\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0435\u0451 \u0440\u0435\u0448\u0435\u043d\u0438\u044f. \u0422\u0430\u043a\u0436\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 OWASP 2017 \u0438 CVE-2018-6389. \u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0441\u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 DoS \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0441\u0430\u0439\u0442, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u0430\u0439\u0442\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432.", "creation_timestamp": "2023-04-24T18:55:32.000000Z"}</description>
      <content:encoded>{"uuid": "0989385a-e466-414e-864a-4448e55f3a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "seen", "source": "https://t.me/critical_bug/660", "content": "https://hackerone.com/reports/694467\n\n\u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0440\u0442 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 JS-\u0444\u0430\u0439\u043b\u043e\u0432 \u0438 CSS-\u0444\u0430\u0439\u043b\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 \u0444\u0430\u0439\u043b\u044b load-scripts.php, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0430\u0442\u0430\u043a\u0438 \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS). \u0412 \u043e\u0442\u0447\u0451\u0442\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0435\u0442\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0435\u0451 \u0440\u0435\u0448\u0435\u043d\u0438\u044f. \u0422\u0430\u043a\u0436\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 OWASP 2017 \u0438 CVE-2018-6389. \u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u0441\u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 DoS \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0441\u0430\u0439\u0442, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u0430\u0439\u0442\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432.", "creation_timestamp": "2023-04-24T18:55:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0989385a-e466-414e-864a-4448e55f3a68/export</guid>
      <pubDate>Mon, 24 Apr 2023 18:55:32 +0000</pubDate>
    </item>
    <item>
      <title>83437b24-e3a3-4aa1-9cea-8a136d7869bc</title>
      <link>https://vulnerability.circl.lu/sighting/83437b24-e3a3-4aa1-9cea-8a136d7869bc/export</link>
      <description>{"uuid": "83437b24-e3a3-4aa1-9cea-8a136d7869bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/critical_bug/640", "content": "https://hackerone.com/reports/690330\n\n\u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0440\u0442 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0441\u0430\u0439\u0442\u0430, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 load-scripts.php \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 JavaScript-\u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043f\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u0443. \u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 DoS \u043d\u0430 \u0441\u0430\u0439\u0442. \u0412 \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0436\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u0440 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0438 \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438, \u0433\u0434\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0434\u0430\u043d\u043d\u043e\u043c \u0442\u0438\u043f\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WordPress. \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c web application firewall \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c .htaccess-\u0444\u0430\u0439\u043b \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0436\u0438\u043c\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0443 load-scripts.php. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 Using Components with Known Vulnerabilities \u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0435 OWASP Top 10 2017. \u0412 CVE (Common Vulnerabilities and Exposures) \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2018-6389. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0441\u0430\u0439\u0442\u0430.", "creation_timestamp": "2023-04-23T21:57:13.000000Z"}</description>
      <content:encoded>{"uuid": "83437b24-e3a3-4aa1-9cea-8a136d7869bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/critical_bug/640", "content": "https://hackerone.com/reports/690330\n\n\u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0440\u0442 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0441\u0430\u0439\u0442\u0430, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 load-scripts.php \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 JavaScript-\u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043f\u043e \u0440\u0430\u0437\u043c\u0435\u0440\u0443. \u0425\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 DoS \u043d\u0430 \u0441\u0430\u0439\u0442. \u0412 \u043e\u0442\u0447\u0435\u0442\u0435 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0436\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0430\u0442\u0430\u043a\u0438, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u0440 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0438 \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438, \u0433\u0434\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0434\u0430\u043d\u043d\u043e\u043c \u0442\u0438\u043f\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WordPress. \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c web application firewall \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c .htaccess-\u0444\u0430\u0439\u043b \u0441 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0440\u0435\u0436\u0438\u043c\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0443 load-scripts.php. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 Using Components with Known Vulnerabilities \u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0435 OWASP Top 10 2017. \u0412 CVE (Common Vulnerabilities and Exposures) \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2018-6389. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0430\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0441\u0430\u0439\u0442\u0430.", "creation_timestamp": "2023-04-23T21:57:13.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/83437b24-e3a3-4aa1-9cea-8a136d7869bc/export</guid>
      <pubDate>Sun, 23 Apr 2023 21:57:13 +0000</pubDate>
    </item>
    <item>
      <title>96b66edc-9149-4000-85d6-cc5c619057a6</title>
      <link>https://vulnerability.circl.lu/sighting/96b66edc-9149-4000-85d6-cc5c619057a6/export</link>
      <description>{"uuid": "96b66edc-9149-4000-85d6-cc5c619057a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/107174", "content": "Fastly VDP: CVE-2018-6389 exploitation - using scripts loader\n\nhttps://ift.tt/IAGEomv", "creation_timestamp": "2023-04-20T22:06:39.000000Z"}</description>
      <content:encoded>{"uuid": "96b66edc-9149-4000-85d6-cc5c619057a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-6389", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/107174", "content": "Fastly VDP: CVE-2018-6389 exploitation - using scripts loader\n\nhttps://ift.tt/IAGEomv", "creation_timestamp": "2023-04-20T22:06:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/96b66edc-9149-4000-85d6-cc5c619057a6/export</guid>
      <pubDate>Thu, 20 Apr 2023 22:06:39 +0000</pubDate>
    </item>
  </channel>
</rss>
