CVE-2007-0540
wordpress - several vulnerabilities
EPSS 7.8%
Description
WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.
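The check whose absence the description points to, as an added Python example (not WordPress code and not the actual patch): decide from the response headers whether the source can hold pingback data, and cap how much of a textual body is read. The function name, allow-list, 64 KiB cap and sample responses are assumptions made for this illustration.

```python
import io

MAX_SOURCE_BYTES = 64 * 1024  # assumed cap for this example, not a WordPress value
TEXTUAL_TYPES = {"text/html", "application/xhtml+xml", "text/plain"}  # assumed allow-list


def media_type(header):
    """Return the lowercased type/subtype without parameters such as charset."""
    return (header or "").split(";", 1)[0].strip().lower()


def verify_pingback_source(headers, body_stream, target_url, limit=MAX_SOURCE_BYTES):
    """Return (accepted, reason); the body is read only for textual types."""
    lowered = {k.lower(): v for k, v in headers.items()}
    ctype = media_type(lowered.get("content-type"))
    if ctype not in TEXTUAL_TYPES:
        # Decide from the headers alone, before any body bytes are pulled.
        return False, f"content type {ctype or 'missing'!r} cannot hold pingback data"
    data = body_stream.read(limit + 1)  # one extra byte reveals truncation
    truncated = len(data) > limit
    text = data[:limit].decode("utf-8", errors="replace")
    if target_url in text:
        return True, "source links to target"
    if truncated:
        return False, f"no link to target in first {limit} bytes"
    return False, "no link to target"


# Constructed sample responses (headers plus body stream), not captured traffic.
TARGET = "https://blog.example/post-1"
HTML_BODY = io.BytesIO(b'<p>See <a href="https://blog.example/post-1">this</a></p>')
BINARY_BODY = io.BytesIO(b"\x00\x00\x01\xba" * 1_000_000)

if __name__ == "__main__":
    print(verify_pingback_source({"Content-Type": "text/html; charset=utf-8"}, HTML_BODY, TARGET))
    print(verify_pingback_source({"Content-Type": "video/mpeg"}, BINARY_BODY, TARGET))
    print(BINARY_BODY.tell())  # stream position shows whether the binary body was read
```

A missing Content-Type header is rejected as well, so a source cannot bypass the gate by omitting it.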
How to fix CVE-2007-0540
To remediate CVE-2007-0540, upgrade the affected package to one of the fixed versions listed below.
- Debian/wordpress—upgrade to 2.1.0-1 or later
- Debian/wordpress—upgrade to 2.0.10-1etch2 or later
Is CVE-2007-0540 being exploited?
Moderate — EPSS is 7.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 2.1.0-1
- from 0, < 2.0.10-1etch2