• Close
  • Back to search

    Wordpress XMLRPC DoS

    Wordpress XMLRPC parsing is vulnerable to a XML based denial of service. This vulnerability affects Wordpress 3.5 - 3.9.2 (3.8.4 and 3.7.4 are also patched).

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name

    auxiliary/dos/http/wordpress_xmlrpc_dos

    Authors

    • Nir Goldshlager
    • Christian Mehlmauer <FireFart [at] gmail.com>

    References

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use auxiliary/dos/http/wordpress_xmlrpc_dos msf auxiliary(wordpress_xmlrpc_dos) > show actions ...actions... msf auxiliary(wordpress_xmlrpc_dos) > set ACTION <action-name> msf auxiliary(wordpress_xmlrpc_dos) > show options ...show and set options... msf auxiliary(wordpress_xmlrpc_dos) > run