Major Vulnerability In PHP XML_RPC Implementations
If you're using PHP and PHP-based weblog applications, like Drupal, WordPress, PostNuke and many others, it's time to do a quick upgrade. A major vulnerability has been found in the PEAR XML_RPC library, and the XML-RPC for PHP package.
Both the PEAR library and individual packages need to be upgraded, as many projectss ship XML-RPC as part of their package. More information on the vulnerability can be found in the GulfTech advisory.