0.142 Low
EPSS
Percentile
95.7%
Because of The XMLRPC API, the attackers can send HTTP requests to intranet servers. Also, they can conduct port-scanning attacks by specifying a crafted source URL for a pingback.
Update WordPress.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0235