A DoS Flaw That Could Help Take Down WordPress Websites has been discovered in the WordPress CMS platform. The vulnerability (CVE-2018-6389) continues to be unpatched and is affecting almost all versions of WordPress released in the last nine years. Israeli security researcher Barak Tawily, who had discovered the flaw, explains how the flaw works to carry out a DoS attack, in detail, on his blog. WordPress authors did not keep any authentication in place, so as to make load-scripts.php work on the admin login page (WP-login.php) before login.”]
Source: https://hackercombat.com/a-dos-flaw-that-could-help-take-down-wordpress-websites/