Just released, WordPress 1.5.1.3 fixes a new security issue involving remote procedure calls. While you don’t need to update ASAP, at least you will need to plug the hole by deleting a file on your site (xmlrpc.php).

Remote procedure calls are handy for remote posting of blog contents – but they can be like a ‘remote control’ to your site. So a security here is well worth a quick fix.

For more details, check out the WordPress site right away – and get your blog(s) kosher asap…