WordPress Pingback Vulnerability

An older vulnerability that got ignored in 2007 is showing up again.

According to Acunetix’s Bogdan Calin, this particular vulnerability is exploitable through the platform’s XMLRPC API (through XMLRPC.PHP). Attackers could try and guess hosts inside each network they target, port scan those hosts, reconfigure internal routers and launch large scale DDoS attacks.

Mas aqui.

From the details it doesn’t sound extremely dangerous, but something that should be fixed sooner rather than later. You can bet that we will see WordPress 3.5.1 pretty darned soon!

About Will Chatham

Will Chatham is a Cyber Security Analyst, Ethical Hacker, and Penetration Tester at a data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.
Bookmark the permalink.

Leave a Reply