It is to intimate to all of the users who are running a wordpress website, a simple yet serious (DOS) Denial of service attack vulnerability is found in the latest version of Wordpress Version 4.9.2. However, the company (Wordpress) has denied the vulnerability and to fix it. No official patch is released until now. Please visit the link below for more information regarding this vulnerability
https://thehackernews.com/2018/02/wordpress-dos-exploit.html
There are different patches available over the internet but use them at your own risk because No official patch is released until now but in the meantime you can refer the following links which will temporarily fix the issue; or you may consult with development team at your earliest.
https://wordpress.org/support/topic/does-wordfence-patch-dos-issue-cve-2018-6389-automatically/
https://github.com/JulienGadanho/cve-2018-6389-php-patcher
Technical Support,
WebSouls.
יום רביעי, אפריל 25, 2018