[wp-trac] [WordPress Trac] #47551: xmlrpc.php FILE is enable .It can be used for bruteforce attack and denial of service

WordPress Trac noreply at wordpress.org
Mon Jun 17 14:54:51 UTC 2019


#47551: xmlrpc.php FILE is enable .It can be used for bruteforce attack and denial
of service
------------------------------------------------+--------------------------
 Reporter:  pranayjain2511                      |       Owner:  (none)
     Type:  defect (bug)                        |      Status:  new
 Priority:  high                                |   Milestone:  Awaiting
                                                |  Review
Component:  XML-RPC                             |     Version:  5.0.1
 Severity:  major                               |  Resolution:
 Keywords:  needs-patch possible-vulnerability  |     Focuses:
------------------------------------------------+--------------------------
Changes (by marybaum):

 * keywords:  needs-patch => needs-patch possible-vulnerability
 * priority:  normal => high
 * severity:  normal => major


Comment:

 Welcome, and thanks for submitting! This looks pretty serious. I'll refer
 it to the security team for testing and patches.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47551#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list