wp-cron.php publicly visible file leads to DoS attack, full server down
Name of Vulnerability: wp-cron.php publicly visible file leads to DoS attack, full server down

Vulnerable Instances: server-based DoS

Website: https://cibseven.org/wp-cron.php

Description: The wp-cron.php file is publicly accessible, so this file gives an attacker full access to perform a DoS attack. An attacker can make unlimited requests to the server within a minute, which leads to a potential DoS attack on the server.

Steps to Reproduce:
1. Go to the website with the wp-cron.php path.
2. Copy the URL and use a Python-based tool (exploit for this bug) for this.
3. Tool link: https://github.com/Quitten/doser.py
4. Type this command in the terminal: python3 doser.py -t 999 -g {website with wp-cron.php path here}

Impact: An attacker can perform a denial-of-service attack (DoS attack) on a web server.
An attacker can make unlimited requests within a minute. This affects the whole server as an outage across the globe; it is not only application-level DoS.

Mitigation: Hide the wp-cron.php file from the public.

Please consider this an urgent matter and prioritize the resolution of this vulnerability. If you require any additional information or assistance, do let me know.

Proof of Concept: Do let me know if you need the video PoC for performing the DoS.

Thank you for your attention to this matter, and I look forward to hearing from you soon.

Sincerely,
Devansh

Please note: I did not perform any DoS attack on the website; I am just informing that there is a path which should be hidden.
issue
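The mitigation the report asks for ("hide the wp-cron.php file from the public"), as an added hardening example that is not code from the report or from the cibseven.org site: the script below adds `define('DISABLE_WP_CRON', true);` to wp-config.php, writes an nginx rule that refuses HTTP requests for /wp-cron.php, and prints a crontab line that runs the scheduler locally with the PHP CLI instead. It assumes a standard WordPress layout with nginx in front of PHP-FPM; the paths and the 15-minute interval are placeholders. One caveat worth knowing: `DISABLE_WP_CRON` on its own only stops WordPress from spawning wp-cron.php on ordinary page loads, and direct requests to the file still execute it, so the web-server deny rule plus the system cron job are what actually remove the public endpoint.

```shell
#!/bin/sh
# Added hardening helper; not code from the report or the cibseven.org site.
# Assumptions: a standard WordPress install (wp-config.php in the site root),
# nginx in front of PHP-FPM, and a system crontab for the site user.
# Paths below are illustrative placeholders.
set -eu

# Idempotently add define('DISABLE_WP_CRON', true); to wp-config.php.
# This stops WordPress from spawning wp-cron.php on ordinary page loads; it does
# NOT block direct HTTP requests to wp-cron.php (see write_nginx_rule for that).
disable_wp_cron() {
  cfg="$1"
  if grep -q 'DISABLE_WP_CRON' "$cfg"; then
    return 0                      # already present, nothing to do
  fi
  if grep -q "That's all, stop editing" "$cfg"; then
    # WordPress wants constants above its "stop editing" marker;
    # \047 is a single quote in POSIX awk string escapes.
    awk '/That.s all, stop editing/ { print "define(\047DISABLE_WP_CRON\047, true);" } { print }' \
      "$cfg" > "$cfg.tmp" && mv "$cfg.tmp" "$cfg"
  else
    printf "define('DISABLE_WP_CRON', true);\n" >> "$cfg"
  fi
}

# Exit status 0 when wp-config.php already disables page-load cron spawning.
wp_cron_disabled() {
  grep -Eq "define\( *'DISABLE_WP_CRON' *, *true *\)" "$1"
}

# Write an nginx location block that answers 403 to every request for
# /wp-cron.php, removing the public endpoint the report complains about.
# Include the file from the site's server {} block and reload nginx.
write_nginx_rule() {
  cat > "$1" <<'EOF'
# wp-cron.php is run by the system cron job (php CLI), never over HTTP.
location = /wp-cron.php {
    deny all;
}
EOF
}

# Crontab line that runs the scheduler locally every 15 minutes, replacing the
# HTTP trigger that was just blocked. $1 is the WordPress root directory.
crontab_line() {
  printf '*/15 * * * * cd %s && php -q wp-cron.php >/dev/null 2>&1\n' "$1"
}

# Usage: ./harden-wp-cron.sh /var/www/html /etc/nginx/snippets/wp-cron.conf
if [ "$#" -eq 2 ]; then
  disable_wp_cron "$1/wp-config.php"
  write_nginx_rule "$2"
  echo "Add this line with 'crontab -e' for the site user:"
  crontab_line "$1"
fi
```

If WP-CLI is installed on the host, `wp cron event run --due-now` is an equivalent replacement for the `php -q wp-cron.php` step in the crontab line; either way the scheduler keeps running, but only from the server itself.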