[wp-hackers] WP’s XML-RPC functionality a security vulnerability?
Stephen Harris
contact at stephenharris.info
Mon Jul 21 16:52:10 UTC 2014
I too have noticed some DoS attacks using XML-RPC to target the site.
But the e-mail from the hosts said:
> Attackers are abusing the feature to launch DDoS attacks against
other sites.
so it would seem they are referring to something like
https://core.trac.wordpress.org/ticket/4137 (which is fixed).
So I would follow their advice (disable XML-RPC if you don't need it),
but it's not clear what vulnerability they are referring to
More information about the wp-hackers
mailing list