• WordPress is prone to multiple vulnerabilities, including Denial of Service and information disclosure vulnerabilities. Attackers can exploit these issues to consume memory and bandwidth resources, thus denying service to legitimate users or to gain information that may aid in further attacks. WordPress versions prior to 2.1 are vulnerable.

• Update to WordPress version 3.6 or latest

• • http://www.securityfocus.com/bid/22220/exploit
  • http://www.securityfocus.com/archive/1/458003
  • http://core.trac.wordpress.org/attachment/ticket/4137/exploit.py
  • http://secunia.com/advisories/24951/

• 

• CVE-2007-0540

• CWE-200

  CWE-400

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

• Missing Update Denial Of Service Information Disclosure

• WordPress Plugin FAQ Multiple Cross-Site Scripting Vulnerabilities (1.0.14)
• WordPress 4.1.x Cross-Site Scripting Vulnerability (4.1 - 4.1.8)
• Joomla! Core 1.0.x Multiple Vulnerabilities (1.0.0 - 1.0.12)
• WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.2.6)
• WordPress Plugin DM Albums File Dislosure (1.9.2)