Title: Security issues with xmprpc.php
Last modified: August 18, 2016

---

# Security issues with xmprpc.php

 *  [fmouse](https://wordpress.org/support/users/fmouse/)
 * (@fmouse)
 * [20 years, 9 months ago](https://wordpress.org/support/topic/security-issues-with-xmprpcphp/)
 * My system here was recently hacked via a rather nasty exploit in xmlrpc (see 
   [http://phpxmlrpc.sourceforge.net/](http://phpxmlrpc.sourceforge.net/)). The 
   target file for the exploit was xmlrpc.php, probably part of Drupal. I note that
   WordPress uses a file by this name, apparently customized for or written for 
   WordPress. Does this file contain code from xmlrpc.inc or xmlrpcs.inc from the
   phpxmlrpc project, and has it been vetted for and possibly modified to prevent
   exploits as described at the phpxmlrpc Sourceforge website (and at numerous other
   places on the Internet)?

Viewing 1 replies (of 1 total)

 *  [ionic](https://wordpress.org/support/users/ionic/)
 * (@ionic)
 * [20 years, 9 months ago](https://wordpress.org/support/topic/security-issues-with-xmprpcphp/#post-250058)
 * WordPress >= 1.5 uses a different XMLRPC library and is therefore not vulnerable
   to those exploits.

Viewing 1 replies (of 1 total)

The topic ‘Security issues with xmprpc.php’ is closed to new replies.

 * In: [Requests and Feedback](https://wordpress.org/support/forum/requests-and-feedback/)
 * 1 reply
 * 2 participants
 * Last reply from: [ionic](https://wordpress.org/support/users/ionic/)
 * Last activity: [20 years, 9 months ago](https://wordpress.org/support/topic/security-issues-with-xmprpcphp/#post-250058)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics