[wp-trac] [WordPress Trac] #11685: Search flood exploit

WordPress Trac wp-trac at lists.automattic.com
Fri Jan 1 19:34:25 UTC 2010

#11685: Search flood exploit
 Reporter:  scribu        |       Owner:  ryan
     Type:  defect (bug)  |      Status:  new 
 Priority:  normal        |   Milestone:  3.0 
Component:  Security      |     Version:      
 Severity:  normal        |    Keywords:      
 Just found this DOS attack:


 It just makes a lot of requests with a random search string each time to
 prevent caching plugins from doing their job.

 Maybe WP should have some sort of flood protection against this?

Ticket URL: <http://core.trac.wordpress.org/ticket/11685>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list