Fear and panic!
This article explicitly mentions WordPress as being vulnerable to a newly discovered security hole in the underlying PHP XML-RPC libraries.
This WordPress support article outlines a couple of fixes.
- Uprade to WordPress 1.5.1.3
- Or, if you own the server (as I do):
pear clear-cachepear upgrade XML_RPC
And all is now right with the world.
via: Daring Fireball