To clarify for all the confused people WordPress is not affected by the recent XML-RPC problem that lots of other apps were. We use different, more secure libraries for XML-RPC. The problem was discovered by the same guy though, I imagine he was auditing our code and found totally unrelated, which we fixed in our recent release. Of course you wouldn’t guess that from the title, “PHP Blogging Apps Vulnerable to XML-RPC Exploits.” Let’s go down the list: PostNuke – content management; WordPress – blogging; Drupal – content/community management; Serendipity – blogging; phpAdsNew – ad serving; phpWiki – wiki (not blogging); phpMyFAQ – FAQ management. If it bleeds it leads, right? 😉