WordPress allows remote attackers to cause a denial of service (bandwidth
or thread consumption) via pingback service calls with a source URI that
corresponds to a file with a binary content type, which is downloaded even
though it cannot contain usable pingback data.
Updated: 2016-03-23 03:28:11 UTC (commit 10817)