diff --git a/wpscan.rb b/wpscan.rb
index a9b461ff..ec25b32c 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -188,6 +188,7 @@ def main
 
     if wp_target.has_xml_rpc?
       puts "#{info('[+]')} XML-RPC Interface available under: #{wp_target.xml_rpc_url}"
+      puts "#{warning('[!]')} This may allow the GHOST vulnerability to be exploited, please see http://blog.spiderlabs.com/2015/01/ghost-gethostbyname-heap-overflow-in-glibc-cve-2015-0235.html for a PoC"
     end
 
     if wp_target.upload_directory_listing_enabled?