xmlrpc.php &wp-cron.php files are enabled, and will used for (DDOS),(DOS) and broutforce users attack. security issue
Posted: Wed Oct 30, 2024 4:43 pm
The xmlrpc.php and wp-cron.php files in WordPress are often targets for attackers due to their potential misuse for DDoS, DoS, and brute-force attacks. When enabled, they can be exploited to overload the server, disrupt service, or attempt unauthorized logins, posing significant security risks.
https://hackerone.com/reports/2299069
https://hackerone.com/reports/2299069