Description
Pingback is a method for web authors to request notification when somebody links to one of their documents. Typically, web publishing software will automatically inform the relevant parties on behalf of the user, allowing for the possibility of automatically creating links to referring documents.
WordPress accepts Pingback calls via the XMLRPC interface. Using this feature it's possible to list hosts from the internal network and test for open ports.
Remediation
Currently there is no official workaround. Disabling pingbacks and trackbacks from the Discussion Settings page doesn't fix the problem. Until a fix is released you can rename the xmlrpc.php file to a hard-to-guess filename.
References
Related Vulnerabilities
Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)
WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2)
WordPress Plugin Correos Woocommerce Arbitrary File Download (1.3.0.0)
Reachable SharePoint interface
WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)