multiple JS files and CSS files through load-scripts.php files at once. For example, https://example.com/wp-admin/load-scripts.php?c=1&load%5B%5D=jquery- ui-core,editor&ver=4.9.1, file load-scripts.php will load jquery-ui-core and editor files automatically and return the contents of the file. However, the number and size of files are not restricted in the process of loading JS files, attackers can use this function to deplete server resources and launch denial of service attacks. For example, if you use the below payload then it'll cause 4.11 Mb of data to be transferred b/w the server and the user. So if the attacker sends 10,000 requests then it would result in transferring 41100 Mb (42Gb) from the server to the user which would cause a Denial of Service attack to the server.