Index: wp-includes/class-wp-xmlrpc-server.php
===================================================================
--- wp-includes/class-wp-xmlrpc-server.php	(revision 22327)
+++ wp-includes/class-wp-xmlrpc-server.php	(working copy)
@@ -3787,6 +3787,9 @@
 		if ( !$user = $this->login($username, $password) )
 			return $this->error;
 
+		if ( !current_user_can( 'edit_posts' ) )
+			return new IXR_Error( 401, __( 'Sorry, you cannot edit posts on this site.' ) );
+
 		do_action('xmlrpc_call', 'blogger.getRecentPosts');
 
 		$posts_list = wp_get_recent_posts( $query );
@@ -4817,6 +4820,9 @@
 		if ( !$user = $this->login($username, $password) )
 			return $this->error;
 
+		if ( !current_user_can( 'edit_posts' ) )
+			return new IXR_Error( 401, __( 'Sorry, you cannot edit posts on this site.' ) );
+
 		do_action('xmlrpc_call', 'metaWeblog.getRecentPosts');
 
 		$posts_list = wp_get_recent_posts( $query );