WordPress allows remote attackers to cause a denial of service (bandwidth
or thread consumption) via pingback service calls with a source URI that
corresponds to a file with a binary content type, which is downloaded even
though it cannot contain usable pingback data.
Updated: 2016-01-26 17:27:58 UTC (commit 10507)