XML-RPC is for sure one of the two Achille's heels of Wordpress. It is a notorious target for hackers who like to do one of these three things or a combination of them all with the xmlrpc.php script: DOSing your website Using your website to stage a DDOS on