WordPress 4.0.1 is prone to a denial of service vulnerability that allows an attacker to send specially crafted requests. These requests resulting in CPU and memory exhaustion and in that way the site becomes unavailable.
Update WordPress.