GitHub

This plugin disables XML-RPC API in WordPress 3.5+, which is enabled by default. It also unsets the X-Pingback header.

Notifications You must be signed in to change notification settings === Plugin Name === Contributors: solvethenet, philerb, swellfire Donate link: http://www.philerb ...
GitHub

AkashMadanu/XML-RPC-Server-Side-Request-Forgery_Wordpress_Website

My mentor taught me about various WordPress-related vulnerabilities. That knowledge was the foundation. But then I started exploring deeper. Asking "what else can this do?" That's when I found it. A ...
thetechoutlook

How to Disable XML-RPC Pingback in WordPress?

Because it was an outdated WordPress version (on an abandoned domain), even the xml-rpc may have been vulnerable to an attack. The xml-rpc in the most recent WordPress version, however, concerns me as ...
Security Boulevard

IP Disclosure of Servers Behind WAFs Using WordPress XML-RPC

The XML-RPC protocol was originally designed to simplify cross-platform communication between applications. However, recent security research has revealed that it can be exploited for IP disclosure ...
CSOonline

WordPress pingback abuse blamed for massive DDoS attack

On Monday, Daniel Cid, the CTO of Sucuri, said in a blog post that his company recently mitigated a DDoS attack that leveraged more than 162,000 legitimate WordPress installations. The attack was ...