https://codex.wordpress.org/zh-cn:XML-RPC_Support http://xmlrpc.com/ https://medium.com/@the.bilal.rizwan/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32 https://www.acunetix.com/blog/web-security-zone/wordpress-pingback-vulnerability/ http://lab.onsec.ru/2013/...
WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation by the xmlrpc script. A remote attacker with contributor permissions could exploit this vulnerability to publish posts to the Web site. This vulnerability was promptly eliminated in version ...