Description
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
Remediation
References
Related Vulnerabilities
WordPress Plugin bbPress Cross-Site Scripting (2.5.9)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.15)
WordPress CVE-2017-1001000 Vulnerability (CVE-2017-1001000)
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)
WordPress Plugin wp superb Slideshow 'upload.php' Arbitrary File Upload (2.2)