"PHP Blogging Apps Open to XML-RPC Exploits"

Fear and panic!

This article explicitly mentions WordPress as being vulnerable to a newly discovered security hole in the underlying PHP XML-RPC libraries.

This WordPress support article outlines a couple of fixes.

  • Uprade to WordPress
  • Or, if you own the server (as I do):
    • pear clear-cache
    • pear upgrade XML_RPC

And all is now right with the world.

via: Daring Fireball