WordPress allows remote attackers to cause a denial of service (bandwidth
or thread consumption) via pingback service calls with a source URI that
corresponds to a file with a binary content type, which is downloaded even
though it cannot contain usable pingback data.
Updated: 2015-10-17 03:27:13 UTC (commit 10086)