Description
The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Maps in Posts Cross-Site Scripting (1.5.3)
Oracle JRE CVE-2013-2421 Vulnerability (CVE-2013-2421)
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
WordPress Plugin Super Store Finder for WordPress (Google Maps Store Locator) SQL Injection (6.3)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)