From packetstormsecurity.com
WordPress could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to modify the content of vhost.