WordPress XML-RPC Based Attacks


If you inspect the source code of WordPress, you will easily notice that there is a file in the root of the installation called xml-rpc.php. RPC stands for Remote Procedure Call, and it exposes an API that can be consumed by external agents, using XML to format data and HTTP to transfer it. It is the base of the more modern SOAP protocol.

Continue reading