Description
WordPress is prone to a Denial of Service vulnerability which can be exploited by malicious people to cause the affected website to consume memory and CPU resources, thus denying service to legitimate users. WordPress versions prior to 3.7.4, 3.8.4 and 3.9.2 are vulnerable.
Remediation
Update to WordPress version 3.7.4, 3.8.4, 3.9.2 or latest
References
http://www.breaksec.com/?p=6362
http://codex.wordpress.org/Version_3.7.4
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487)
CubeCart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-38130)
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-0464)
WordPress Plugin Payment Form for PayPal Pro SQL Injection (1.1.64)