vagosec.org/2013/09/wordpress-php-object-injection/
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340
core.trac.wordpress.org/changeset/25325
www.openwall.com/lists/oss-security/2013/09/12/1