Late last year a similar vulnerability was discovered that could turn third party blogs into a powerful port-scanning engine. The vulnerability CVE-2013-0235 was fixed in in Wordpress 3.5.1 by applying some filtering on allowed URLs.
The wide range of motives for these attacks political criminal or social makes every merchant or organization with an online presence a potential target.
The Pingback mechanism has been known to be a security risk for some time.
Since this feature is enabled by default and there is no protection mechanism within WordPress against it.
Distributed Denial of Service attacks have increased in scale intensity and frequency.
Read more
Related items:
