Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3) - Vulnerability Database

WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)

Description

WordPress is prone to multiple vulnerabilities, including Denial of Service and information disclosure vulnerabilities. Attackers can exploit these issues to consume memory and bandwidth resources, thus denying service to legitimate users or to gain information that may aid in further attacks. WordPress versions prior to 2.1 are vulnerable.

Remediation

Update to WordPress version 3.6 or latest

References

http://www.securityfocus.com/bid/22220/exploit
http://www.securityfocus.com/archive/1/458003
http://core.trac.wordpress.org/attachment/ticket/4137/exploit.py
http://secunia.com/advisories/24951/

Related Vulnerabilities

Apache 2.x version older than 2.0.48 Medium
Common tags: Missing Update Denial Of Service Information Disclosure
Apache Tomcat version older than 6.0.35 High
Common tags: Missing Update Denial Of Service Information Disclosure
WordPress Plugin WPGraphQL Denial of Service (1.3.5) High
Common tags: Missing Update Denial Of Service
WordPress Plugin Breadcrumb NavXT Information Disclosure (6.1.0) High
Common tags: Missing Update Information Disclosure
WordPress Plugin Activity Log Information Disclosure (2.2.12) High
Common tags: Missing Update Information Disclosure

Severity

High

Classification

CVE-2007-0540
CWE-200
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update
Denial Of Service
Information Disclosure