Package: wordpress
Version: 3.0.1-2~bpo50+1
Severity: minor
Wordpress includes an XML-RPC interface, provided xmlrpc.php
If a user agent makes an HTTP GET request for the XML-RPC interface, Wordpress
responds with a 200 "OK" response. As the server is declining to accept a GET,
this should really be HTTP 405 "Method Not Allowed" with a suitable Allow:
header.
Here's an example HTTP response:
HTTP/1.1 200 OK
Date: Sun, 26 Sep 2010 16:59:05 GMT
Server: Apache/2.2
Cache-Control: max-age=0
Expires: Sun, 26 Sep 2010 16:59:05 GMT
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
XML-RPC server accepts POST requests only.