CVE 2008-0664
The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.
See the 
CVE page on Mitre.org
for more details.
