Description
WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Remove WP Update Nags Security Bypass (1.3.0)
WordPress Plugin GD Star Rating 'de' Parameter SQL Injection (1.9.10)
WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24)
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.23)