A vulnerability exists in the WordPress blogging platform that could leak information and lead to distributed denial of service (DDoS) attacks if the right script is run, according to web application security firm Acunetix. The vulnerability is being carried out autonomously by a tool currently distributed on the software development site Github. Attackers could try and guess hosts inside each network they target, port scan those hosts, reconfigure internal routers and launch large scale DDoS attacks. The flaw was first brought to WordPress attention more than six years ago in April 2007 but a ticket for the flaw was closed.
Source: https://threatpost.com/wordpress-pingback-vulnerability-could-lead-ddos-attacks-121712/77323/