WordPress allows remote attackers to cause a denial of service (bandwidth
or thread consumption) via pingback service calls with a source URI that
corresponds to a file with a binary content type, which is downloaded even
though it cannot contain usable pingback data.
Updated: 2015-07-29 20:29:03 UTC (commit 9756)