5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
The Incutio XML-RPC (IXR) Library permits entity declarations without considering recursion during entity expansion. In that way the attackers can cause a denial of service attacks via a crafted XML document containing a large number of nested entity references.
Related records:
http://db.threatpress.com/vulnerability/wordpress/wordpress-3-9-1-denial-of-service-attacks
Update WordPress.