Description
The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint.
Remediation
References
Related Vulnerabilities
WordPress Plugin Adminer Multiple Cross-Site Scripting Vulnerabilities (1.4.3)
WordPress Plugin amtyThumb Cross-Site Scripting (4.1.2)
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.17.29)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Unspecified Vulnerability (1.0.6)